Re: SquirrelMail GPG Plugin vuln

[Charles Miller <cmiller () securityevaluators com>]

> Isn't that always the point when you sell a vulnerability in an  
> open source
> software? If I want to sell you a lighttpd remote exploit and you  
> trust me
> than you know that such a thing exists and you will most probably  
> invest
> more time in finding it yourself. The knowledge that something  
> exploitable
> really exists is a good motivation to find it.

The problem extends beyond open source.

But anyway, there is a big difference between saying there is a  
remote exploit in IIS and saying there is a command injection  
vulnerability in SquirrelMail GPG Plugin.  I can probably rediscover  
the SquirrelMail one in an hour but I may never find the IIS one.   
Also, the vulnerability Nicob pointed out was pre-auth (mine was post- 
auth).  I'm dying to know if version 2.1 patched the exploit they are  
trying to sell!

Charlie

ps.  Sorry about the (No Subject)

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave