lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAM2Hf5kZznkFX6nPTTyLCrB9RC+i17oqUB3AFhgWRYAqa43EZA@mail.gmail.com>
Date: Thu, 11 Oct 2012 09:26:20 -0700
From: Gage Bystrom <themadichib0d@...il.com>
To: Valdis.Kletnieks@...edu, 
	"full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk>
Subject: Re: Multiple 0-days in Dark Comet RAT

That's because no one particularly cares that it is malware. Botnets,
rootkits, rats, ect are all just as potentially vulnerable as any other
software, except the impact is pretty low. Let's say someone was exploiting
this in the wild. Realistically what are they accomplishing? Most of the
time they'd just be jacking boxes from other people that already got in.
Hardly a feat when chances are you could get in through the same methods
the original guy did.
On Oct 11, 2012 7:08 AM, <Valdis.Kletnieks@...edu> wrote:

> On Wed, 10 Oct 2012 23:25:50 +0200, Pascal Ernster said:
>
> > I suppose it turns into a 0 day when you post it on this mailing list
> > and happen to be in the mood to put the vendor's marketing division on
> > BCC.
> >
> > -1 day could be when you ask a friend to check your mail to this ML for
> > major grammar errors before you post it.
>
> All this ranting about the meaning of a 0-day - and not one person has
> mentioned the fact that the vulnerability is in *malware*??!?
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ