lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3a166c090605081804w4fa27683o9fc4d31d029687a@mail.gmail.com>
Date: Tue May  9 02:04:10 2006
From: n3td3v at gmail.com (n3td3v)
Subject: IE7 Zero Day

On 5/8/06, 0x80@...h.ai <0x80@...h.ai> wrote:
> There is no skin to save.  No law is being broken and I am not
> holding anyone ransom.
>
> Microsoft is not the only vendor that can fix this bug either, it
> would be easy to patch the DLLs involved.
>
> No one is monitoring anything because I have not broken any laws in
> any country.  You reply simply dances around the issue because as
> usual, you have zero idea what you are talking about.

Symantec see you as threat:

"

ThreatCon Level is 1

A researcher has made a post to the Full-Disclosure mailing list
claiming that he has discovered two unknown and unpatched
vulnerabilities in Microsoft Internet Explorer 7, which is currently
in beta. He also states that at least one of the issues is present in
Microsoft Internet Explorer version 6.x, but circumstances unknown to
the researcher prevent him from being able to successfully exploit it.
The discoverer of these issues has stated that they will be privately
sold to the highest bidder. Internet Explorer 7 is beta software, and
as such, should not be used on sensitive systems. Though the
possibility of exploitation against version 6.x may exist, it should
always be assumed that there may be latent vulnerabilities in client
software. Users are advised to employ best practices such as avoiding
untrusted websites, links from untrusted sources, and running such
software with the least possible privileges.


"
http://www.symantec.com/avcenter/threatcon/learnabout.html

Regards,

n3td3v

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ