| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <453BCB42.8020605@digitalmunition.com>
Date: Sun, 22 Oct 2006 15:49:22 -0400
From: "K F (lists)" <kf_lists@...italmunition.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: HP Tru64 dtmail bug - Really exploitable?
Roman Medina-Heigl Hernandez wrote:
>
> More or less according to HP advisory ("HPSBTU02163 SSRT061223") which
> marks the impact as POTENTIAL ("Potential Security Impact: Local execution
> of arbitrary code")
Don't mind the smoke and mirrors. HP always says that. Even with working
root exploits in hand HP will release an advisory that say 'potential'.
don't believe me?
http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
http://downloads.securityfocus.com/vulnerabilities/exploits/TRU64_su.pl
funny how that works eh?
-KF
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists