| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20111113183907.GA2841@sivokote.iziade.m$> Date: Sun, 13 Nov 2011 20:39:07 +0200 From: Georgi Guninski <guninski@...inski.com> To: "Thor (Hammer of God)" <thor@...merofgod.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) On Thu, Nov 10, 2011 at 05:47:07PM +0000, Thor (Hammer of God) wrote: > So, I've looked about on the web to see what software of any consequence you have written, but I can't find any. Can you point me to anything that illustrates that you know how to develop wide scale software applications and execute an SDL plan, or do you just like to sit back and bitch about everyone else without actually doing anything? I'm serious - I'd really like to know. Over all these years, all I've ever seen from you is talk about how stupid everyone else is, but I've never once actually seen you do anything constructive. > > t > > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of Georgi Guninski > Sent: Thursday, November 10, 2011 8:48 AM > To: xD 0x41 > Cc: full-disclosure@...ts.grok.org.uk > Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) > > On Thu, Nov 10, 2011 at 08:46:44AM +1100, xD 0x41 wrote: > > You could just google for IRC packs of win2k src ;) I know i have a > > copy of it somewhere... acvtually tho, would not be helpful tho, as it > > does not affect win2k.. so i guess there would be some code there but > > not the code you want. > > > > @george > > and, ideally if 'years' ago existed for this exploit but, it does only > > affect v6 and up , this is tested.... so xp/2k/2k3 not affected... > > still, i know people are using other ways anyhow , and thats just how > > botting is... one way dies, one takes its place :s i guess we wait for > > the rls of this.. maybe! > > > > > > as in real life, real bugs die (the imaginary case is not clear to me). > > i suppose "trustworthy computing" doesn't mean "not many bugs still alive". > > -- > j > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ You mad bro? http://www.theregister.co.uk/2011/11/09/nov_patch_tuesday/ Patch Tuesday leaves Duqu 0-day for another day "Trustworthy computing" is questionably alive and Duqu (including future mutations) is completely alive. On which one a sane better would bet? -- j _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists