lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 03 Apr 2007 14:19:54 -0500
From: <neal.krawetz@....hush.com>
To: <stefan.kelm@...orvo.de>, <sbradcpa@...bell.net>
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: Re: More information on ZERT patch for ANI 0day

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

a/s/l?

I currently reside in Fort Collins, Colorado and I obtained my PhD
from Texas A&M.

- - neal

On Tue, 03 Apr 2007 13:52:42 -0500 "Susan Bradley, CPA aka Ebitz -
SBS Rocks [MVP]" <sbradcpa@...bell.net> wrote:
>Hardly.
>
>Don't remember that last Zero day in 2006 do you?
>http://www.eweek.com/article2/0,1895,2019162,00.asp
>
>The Zert folks have coded up zero day patches before (VML and WMF
>anyone?) and are folks actively out in the community.  While I'm
>not
>ready yet to install third party patches on systems, I admire them
>for
>the community need that they are reacting to.  Gadi and the crew
>work
>hard and have my respect for their efforts.
>
>If you are willing to evaluate the eEye patch, Zert's should be
>higher
>on your list as well since reportedly it works better than eEye's.
>
>Regardless it's a moot point.  The real patch is out.
>Install that one.  It's on Windows update now.
>
>Stefan Kelm wrote:
>>> Hi, more information about the patch released April 1st can be
>found here:
>>>
>>> http://zert.isotf.org/
>>>
>>> Including:
>>> 1. Technical information.
>>> 2. Why this patch was released when eeye already released a
>third party
>>> patch.
>>>
>>
>> Has anyone actually checked what this patch does? Who are ZERT
>and
>> ISOTF respectively ("About ISOTF" at
>http://www.isotf.org/?page_value=0
>> says a lot...)?
>>
>> ...or is this an April Fool's joke?
>>
>> Cheers,
>>
>> 	Stefan.
>>
>>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkYSqI0ACgkQDpFP8dW5K4Z38AP+MZBVOwDkBuCQmDQwK2d0jE0UwlgE
6u+o+4hTpViyu0XIaV4+ltElje+1YB/vuRAx5DFV/FmGbjnNH31JZJNNuk372BVEQEyy
DsnD0zNUQd/SlMbaQ8KHaintbCFgSHp6wqbXEwRnFAfHy5Mn+1noDi2oVVdR1UEN65gJ
nPqfE0k=
=eXeS
-----END PGP SIGNATURE-----

--
Click to find great rates on home insurance, save big, shop here
http://tagline.hushmail.com/fc/CAaCXv1QU9J8I3FnXUDPvvGq2HC7Zxhg/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ