lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20121109142942.GS390@clanspum.net> Date: Fri, 9 Nov 2012 08:29:42 -0600 From: Bill Weiss <houdini+full-disclosure@...nspum.net> To: full-disclosure@...ts.grok.org.uk Subject: Re: A damn aweful facebook DOS Chris C. Russo(chris@...ciumsec.com)@Thu, Nov 08, 2012 at 04:28:33AM -0300: > Good news everyone! > > The last time I reported a security flaw to facebook, it took around 6 > weeks until they replied, > telling me that there was no flaw at all. Perhaps that's why I decided > to make public any flaw on facebook from now on. [cut some technical details for readability] > (Properly replace the <EXTREMLY LONG MESSAGE HERE> before testing) > > This might not be the best vulnerability description ever, > but I hope it helps solving the condition as soon as possible. Have fun. What length of EXTREMELY LONG MESSAGE were you using in testing? 1K bytes, 1M, 1G? -- Bill Weiss _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists