| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1251923238.7050.64.camel@ts-hq-3> Date: Wed, 02 Sep 2009 22:27:18 +0200 From: Thomas Kristensen <tk@...unia.com> To: exploit dev <extraexploit@...il.com> Cc: full-disclosure@...ts.grok.org.uk, security@...unia.com Subject: Re: Secunia PSI (RC3) - memory corruption condition Hi, Thank you for the report. Based on the provided information, this is not a security issue (as securityfocus wrongfully hasted to conclude), but rather a bug (in an ancient release candidate). If you have any further details, please send those to security@...unia.com. -- Kind regards, Thomas Kristensen CTO Secunia Weidekampsgade 14A DK-2300 Copenhagen S Denmark Phone: +45 7020 5144 Fax: +45 7020 5145 Looking for a vulnerability research and reversing job? http://secunia.com/corporate/jobs/open_positions/ On Wed, 2009-09-02 at 21:15 +0200, exploit dev wrote: > Hi > I have detect, in some circumstance, a memory corruption issue in > Secunia PSI (release candidate 3). > The vendor was contacted without response. > > ...I know that this kind of issues in release candidate are not so > rare but if you are interested check: > > http://extraexploit.blogspot.com/2009/09/secunia-psi-rc3-undefined-memory.html > > > Regards > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists