| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 04 Oct 2007 14:16:02 -0400 From: iDefense Labs <labs-no-reply@...fense.com> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com, vulnwatch@...nwatch.org Subject: Re: iDefense Security Advisory 10.02.07: Sun Microsystems Solaris FIFO FS Information Disclosure Vulnerability Zaraza, Thank you for pointing out the misleading text. The vulnerability is a signedness error which leads to information disclosure. We have updated the advisory to read as follows. === negative value can cause large amounts of kernel memory contents to be disclosed. === VeriSign iDefense Labs > From: 3APA3A <3APA3A_at_SECURITY.NNOV.RU> > Date: Thu, 4 Oct 2007 20:38:51 +0400 > > Dear iDefense Labs, > > Can you please clarify this issue? According to subject it looks like > information leak (information disclosure) issue, while according to > description, it looks more like memory leak (Denial of Service) issue. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists