lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Fri May  5 21:41:56 2006
From: rcwhelan at gmail.com (Ryan Whelan)
Subject: IE7 Zero Day

It is very apparent to me that no one wants to buy, your 'exploit'. I don't
think calling the industry 'pathetic' or the people associated with it
'stupid' is going to win you any supporters. I would suggest you either
fully disclose what you found, or just save what little dignity you have
left and be quiet.


On 5/5/06, 0x80@...h.ai <0x80@...h.ai> wrote:
>
> It is amazing at the collective stupidity of so called security
> professionals.  Yet I get questioned as to why I don't want to join
> your pathetic industry.
>
> >Yeah, but since he can't sploit this "vuln" he claims to have
> >found, it's
> >perhaps not going to net him much interest nor cash from others,
> >being
> >he's also holding his cards so close4 to his vest.
>
> I said that it is not exploitable on IE 6.0.  It is exploitable on
> IE 7 all versions.  Perhaps reading comprehension would be good for
> you.
>
>
> >One might as well post it this way:
> >
> >someplace, somewhere is a pc with a vulnerable application, guess
> >where it
> >is and you can own it.  Oh, but, pay me big bucks first so I can
> >eat well
> >for a day or two.
>
> Are you the product of a broken condom during a gang rape?  Learn
> how to read before you pass judgement.  Better yet, learn how to
> find your own vulnerabilities instead of wasting your time
> researching other people's wireless security issues.
>
>
>
> Concerned about your privacy? Instantly send FREE secure email, no account
> required
> http://www.hushmail.com/send?l=480
>
> Get the best prices on SSL certificates from Hushmail
> https://www.hushssl.com?l=485
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060505/ffeef687/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ