| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.64.0902271325350.16892@localhost.localdomain> Date: Fri, 27 Feb 2009 13:39:31 +0000 (UTC) From: jf <jf@...glingpointers.net> To: Jubei Trippataka <vpn.1.fanatic@...il.com> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Apple Safari 4 Beta feeds: URI NULL Pointer Dereference Denial of, Service Vulnerability > I'm didn't even comment on Mark's paper, it is definitely a great piece of > research, there is no doubt. It's just that some people have read this paper > and thought, wow, all those NULL bugs are now exploitable. It's important to > separate these bug classes. sorry to interrupt your self-aggrandizing tirade, however you're the only one who took the implication that *all* null ptr related bugs are exploitable-- i never implied or said that, just said in some instances they can be. Furthermore, I think you're taking the word 'dereference' a little too serious and you should perhaps take up a hobby such as baseball cards or miniature collectibles to quench you're apparent need to sub-categorize into nothing. If you want to insist that null+x/etc bugs be in an entirely separate category than dereferences, that's cool, just don't go all ape-shit on people who dont share your same narrow view at some feeble attempt at elitism via syntactic pedantry. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists