| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <15c201c90085$0640deab$7a46a8c0@cc.w2k.vt.edu> Date: Sun, 17 Aug 2008 12:19:27 -0400 From: "Memisyazici, Aras" <arasm@...edu> To: <full-disclosure@...ts.grok.org.uk> Subject: Re: Beware the firefox ZERO DAYZZZZ @T Biehn: Please allow me to apologize for if I misunderstood your claim(s)... However, in your subject you are warning us about a FF 0-day while all you provide as 'proof' is anubis' examination of the 'after-the-fact' ... Could you pls give us a li'l more? Perhaps some logs (browser URL history, firewall, AV, event logs all scrubbed for non-related data), your FF version at the time of pwnage, a brief personal account on how this 'might' have happened etc etc might help us analyze and prep better for it. In the meantime, it looks like it's pretty easily detectable per the prev. reply and I'd like to note that Ikarus ID'd one of it's components as: PWS.Win32.Zbot.G (Sig-Id:20421721) So... Thx for the analysis but looks like more info is needed IMO! :) Sincerely, Aras 'Russ' Memisyazici Systems Administrator Office of the Vice President for Research Virginia Tech _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists