Bugtraq mailing list archives
Posting from Analysys on MS Outlook Buffer Exploit
From: Elias Levy <aleph1 () SECURITYFOCUS COM>
Date: Wed, 2 Aug 2000 15:05:03 -0700
----- Forwarded message from Jim Warwick <jim.warwick () analysys com> ----- Message-ID: <011b01bff870$5f658ea0$1001010a () analysys co uk> From: "Jim Warwick" <jim.warwick () analysys com> To: <aleph1 () securityfocus com> Subject: Posting from Analysys on MS Outlook Buffer Exploit Date: Fri, 28 Jul 2000 09:46:50 +0100 Organization: Analysys Ltd X-Mailer: Microsoft Outlook Express 5.00.2919.6600 Elias, could you post the following as our official company response to Chris Paget's contribution on the MS Outlook Email buffer overflow exploits. Thanks Jim Warwick ===================================== I would like to make a response to this thread as Chris Paget's employer. We were surprised to see that Chris had posted a message suggesting the implementation of an "Antibody" program (designed to propogate patches and security fixes via MS Outlook) which has all the characteristics of a virus. This is a matter we take seriously, for several reasons. Chris's original posting with the "Antibody" idea was not thought through - he had not taken account of the potential harm that such a program could and would cause the community. Also, the views he expressed were entirely his own, and the association of his personal views with our company is highly misleading - Analysys is undertaking no work in this field. We have talked with Chris about this, and he appreciates the mistakes of posting the original message. We are certain that this incident results from Chris's over enthusiasm for the idea he had for the "Antibody" program, rather than any malicious intent on his part. We have also made it clear that Chris should not develop any version of an "Antibody" or derivative program (whether friendly or not). I hope this will reassure the respondents to Chris's original posting. Regards Jim Warwick Technical Director, Analysys Ltd ----- End forwarded message ----- -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
Current thread:
- Posting from Analysys on MS Outlook Buffer Exploit Elias Levy (Aug 02)