lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <0273B67044957C41BD71D12EBA2E00AE0FD60A@becca.LarrySeltzer.local>
Date: Fri, 4 May 2007 10:56:07 -0400
From: "Larry Seltzer" <Larry@...ryseltzer.com>
To: "Alex Kirk" <alex.kirk@...rcefire.com>,
	"M. Shirk" <shirkdog_list@...mail.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Month of ActiveX Bug

Maybe if we issued one every minute we could keep the time frame
reasonable

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.eweek.com/cheap_hack/
Contributing Editor, PC Magazine
larryseltzer@...fdavis.com 

-----Original Message-----
From: full-disclosure-bounces@...ts.grok.org.uk
[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Alex
Kirk
Sent: Friday, May 04, 2007 10:14 AM
To: M. Shirk
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: [Full-disclosure] Month of ActiveX Bug

I don't know...that seems like such a conservative time frame. Given
everything I see coming through on SecurityFocus, I'd say it's more like
"50 millenia of PHP Remote File Includes." ;-)

Alex Kirk
> How about "50 years of PHP Remote File Includes"? :)
>
> Shirkdog
> ' or 1=1--
> http://www.shirkdog.us
>
>
>
>
>
>> From: bugtraq@...security.net
>> To: felix-fulldisclosure@...e.de (Felix von Leitner)
>> CC: full-disclosure@...ts.grok.org.uk
>> Subject: Re: [Full-disclosure] Month of ActiveX Bug
>> Date: Thu, 3 May 2007 20:08:57 -0400 (EDT)
>>
>> > Why don't you do a month of eweek bugs. We won't limit you at all. 
>> > Any bug counts. Even XSS bugs in open source perl webmail apps.
Anything?
>>
>> If you want xss, then I think we're talking more about the decade of 
>> xss than month :)
>>
>> - Robert
>> http://www.cgisecurity.com/
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>
> _________________________________________________________________
> Download Messenger. Join the i'm Initiative. Help make a difference 
> today. http://im.live.com/messenger/im/home/?source=TAGHM_APR07
>
> ----------------------------------------------------------------------
> --
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ