Full Disclosure mailing list archives

Re: xp sp3 remote bof [from FD digest 76:33]


From: "-= Glowing Sex =-" <doomxd () gmail com>
Date: Sat, 18 Jun 2011 05:31:28 +1000

all i can say to this is hahahahahaha, this is what FD has become, why are
you all so surprised?? lol... elfius, good stuff :)



On 18 June 2011 00:45, Ray Jertop <seclists () aussievapers com> wrote:

Hi,

I would think that the behaviour is slightly odd.

His first communication started out giving the impression that his
intention was to responsibly disclose the issue
to the affected vendor but that he was simply unaware as to how to do so
and would simply like instruction on the
best method. Overall the tone was that of a responsible disclosure.

After some rather helpful information we now come full circle and it's all
about the "value" of the exploit, and yes I
understand that exploits are valuable to many for many reasons but in that
case you should already know it and
what kind of purpose such an exploit could have for you.

How about the value in helping the vendor to secure such an exploit? How
about the value received from helping
to close one more malicious avenue that while it may not have a huge and
immediate effect helps in its own way?
It seems a character change once money enters the picture is all too quick
these days.

Why the need to hide the obvious intent I wonder, worried about the
response?

What do I know though. I'm new here.

Regards,
Jay Porter

On 17/06/2011, at 11:11 PM, SMiller () unimin com wrote:


elfius <elfius () gmail com> wrote:
Thanks for the advice guys. I've received quite a few interesting offers
from some rather shady sounding people (as well as public messages here),
and I've begun to realise how much this is worth. So for the time being
anyway I think I'll keep it for a rainy day. Cheers again for the input.

So, evidently your purpose in posting here was to find out how best to
market the vuln you identified, not to investigate its disclosure. You could
have owned up to that in the first place. Do you not feel some slight
embarrassment in describing others as "shady sounding"?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
