Full Disclosure mailing list archives
RE: MSIE src&name property disclosure
From: "joe" <mvp () joeware net>
Date: Mon, 15 Nov 2004 15:47:35 -0500
I don't know how your club works. Do you report to MS as well or just within your club that you charge people to be part of? Has MS responded to you if you did report it? What was their response that makes WINS a classic example? joe -----Original Message----- From: Dave Aitel [mailto:dave () immunitysec com] Sent: Monday, November 15, 2004 3:38 PM To: joe Cc: 'Michal Zalewski'; 'Berend-Jan Wever'; full-disclosure () lists netsys com; bugtraq () securityfocus com Subject: Re: [Full-disclosure] MSIE src&name property disclosure That's a good question for your Microsoft sales rep. If you want technical details, Immunity has a working and reliable Wins exploit in the Vulnerability Sharing Club version of CANVAS. I think there's an interesting difference between how the Linux community handled the recent kernel bugs, and how Microsoft and other commercial vendors handle all bugs. Dave Aitel Immunity, Inc. joe wrote:
How is it an example? -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Dave Aitel Sent: Monday, November 08, 2004 9:49 AM To: Michal Zalewski Cc: Berend-Jan Wever; full-disclosure () lists netsys com; bugtraq () securityfocus com Subject: Re: [Full-disclosure] MSIE src&name property disclosure <SNIP> WINS is a classic example. <SNIP> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MSIE src&name property disclosure Berend-Jan Wever (Nov 08)
- Re: MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? ) bipin gautam (Nov 08)
- Re: MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? ) kf_lists (Nov 08)
- Re: MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? ) jamie fisher (Nov 08)
- CyberGuard and their desired retraction (was Re:MSIE src&name property disclosure) security curmudgeon (Nov 11)
- Re: MSIE src&name property disclosure Michal Zalewski (Nov 08)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 08)
- Re: MSIE src&name property disclosure Gadi Evron (Nov 08)
- RE: MSIE src&name property disclosure joe (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 15)
- RE: MSIE src&name property disclosure joe (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 15)
- Re: MSIE src&name property disclosure Micheal Espinola Jr (Nov 15)
- Re: MSIE src&name property disclosure Dave Aitel (Nov 08)
- Re: MSIE src&name property disclosure ("E" - GORILLA WAR stratigy? ) bipin gautam (Nov 08)
- Re: MSIE src&name property disclosure Michal Zalewski (Nov 08)
- Re: MSIE src&name property disclosure Georgi Guninski (Nov 08)
- <Possible follow-ups>
- Re: MSIE src&name property disclosure Elia Florio (Nov 08)