| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 17 Aug 2007 03:52:03 +0530 From: Pranay Kanwar <warl0ck@...aeye.org> To: "J. Oquendo" <sil@...iltrated.net> Cc: full-disclosure@...ts.grok.org.uk, "Steven M. Christey" <coley@...re.org>, websecurity@...appsec.org Subject: Re: SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Frankly i now feel, that its not SecNiche's fault entirely, it has got a lot of encouragement from its past invalid and absurd claims. Such as _JWIG Context Dependent Template Calling Denial of Service Vulnerability._ http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3816 http://www.securityfocus.com/bid/24974 http://xforce.iss.net/xforce/xfdb/35515 _Internet Explorer Domain Specification Dos and Page Suppressing._ http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3550 http://www.securityfocus.com/bid/24744 http://xforce.iss.net/xforce/xfdb/35455 Anyone without knowing rocket science will tell that above two are entirely absurd and invalid. Since SecNiche gets its bogus advisories through, why stop ? It seems now only good place left is secunia, since they verify first before adding the advisories. One does find the above two at secunia. Also i am pretty sure the above links will stay forever and i don't suppose i have to explain why. Anyhow i just hope SecNiche would improve and get something *real*. regards warl0ck // MSG J. Oquendo wrote: > Aditya K Sood wrote: > >> Embarrassment. Nothing lies beneath it. Critically your are too much at >> of your own in deciding. > > > Personally, this is just another kiddiot on my filters. I only see the > residue of responses to him. I believe every single advisory this > *person* (play nice now) has sent out has 1) never been verified 2) > never been worthwhile 3) repeat steps 1 and 2. > > I plan to release some advisories myself too sometime this millenium. I > found that if you allowed these miserable posts to fill your mailbox, > your machine will fill up space... Then crash... And crashing is a bad > thing. Which is a DoS. Which is evil. Translation... Re-blocking APNIC > and RIPE ranges. Evil hackers out there. Pop Up blockers... Scare-e... > IE? I'm so owned as of last weekend months ago. > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists