lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 14 Mar 2014 15:54:14 -0300 From: Alfredo Ortega <alfred@...undworkstech.com> To: full-disclosure@...ts.grok.org.uk Subject: Re: Google vulnerabilities with PoC Oh and this guy Shadown seems pretty knowledgeable too. BTW now I have to read what is this about,lets see... Alright, from TFA: "That means that a door was open for anyone to upload any file of choice. Whether this is a security vulnerability or not, I will leave that to your discretion" Not even you are sure this is a real vulnerability. It is not. On 03/14/2014 03:36 PM, Alfredo Ortega wrote: > Mario has years of experience (more than 10 in fact) in exploit writing > and vulnerability assessment. I would consider his position on the subject. > > If you don't believe me, Argentina extended me certifications that > proves that I can tell who has vulnerability assesment skills and who > does not. > > If you don't believe in Argentina, you should know the ONU accepts it as > a sovereign independent country. > > That is the complete certificate chain proving you that Mario is not an > idiot as you inferred. > > Best regards, > > Alfred > > > On 03/14/2014 10:50 AM, Sergio 'shadown' Alvarez wrote: >> Dear Nicholas Lemonias, >> >> I don't use to get in these scrapy discussions, but yeah you are in a completetly different level if you compare yourself with Mario. >> You are definitely a Web app/metasploit-user guy and pick up a discussion with a binary and memory corruption ninja exploit writter like Mario. You should know your place and shut up. Period. >> >> Btw, if you dare discussing with a beast like lcamtuf, you are definitely out of your mind. >> >> Cheers, >> Sergio. >> -- Sergio >> >> On Mar 14, 2014, "Nicholas Lemonias." <lem.nikolas@...glemail.com> wrote: >>> We are on a different level perhaps. We do certainly disagree on those >>> points. >>> I wouldn't hire you as a consultant, if you can't tell if that is a >>> valid >>> vulnerability.. >>> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists