Full Disclosure mailing list archives
Re: no more public exploits
From: nicolas vigier <boklm () mars-attacks org>
Date: Wed, 28 Apr 2004 01:47:10 +0200
On Tue, 27 Apr 2004, Dave Aitel wrote:
Well, if it's that much of an issue, you can always buy your exploits from a commercial source, such as Immunity (http://www.immunitysec.com/CANVAS/ . We have an LSASS (one exploit fits all) and a PCT exploit (ported from SP0-4), so you can show all your management exactly why they should patch. And you can also feel secure that the exploits you download aren't trojaned when you're using something with commercial support. At $995 for a full site license, including source, CANVAS is cheaper than the alternative...
This is interesting ... This mean that anyone who have enought money can get the exploits they want. And if people can get theses exploits as easily, an admin cannot ignore them, and there is no reason to avoid a public release because the people who really want them for a bad action aldready have them (they only need money). And this program seems pretty usefull ... Does any open source program similar to this one aldready exists ? _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: no more public exploits, (continued)
- RE: no more public exploits Curt Purdy (Apr 27)
- Re: no more public exploits list (Apr 28)
- Re: no more public exploits rd (Apr 28)
- RE: no more public exploits Duquette, John (Apr 27)
- Re: no more public exploits Dave Sherohman (Apr 27)
- Re: no more public exploits Yabby (Apr 27)
- Detecting newly added Windows Services (was: no more public exploits) Marcel Krause (Apr 28)
- RE: no more public exploits Douglas Carvalho (Apr 27)
- RE: no more public exploits Ng, Kenneth (US) (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- Re: no more public exploits nicolas vigier (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- RE: no more public exploits Ng, Kenneth (US) (Apr 27)
- Re: no more public exploits chris (Apr 27)
- Re: no more public exploits james (Apr 27)
- Re: no more public exploits Felipe Cerqueira - skylazart (Apr 28)
- Re: no more public exploits gcb33 (Apr 28)
- Re: no more public exploits Evgeny Demidov (Apr 28)
- RE: no more public exploits xavier.poli (Apr 28)
- Re: no more public exploits Evgeny Demidov (Apr 28)
- RE: no more public exploits xavier.poli (Apr 28)
- no more public exploits Helmut Hauser (Apr 29)