Vulnerability Development mailing list archives
Re: lpd exploit?
From: Theodor Ragnar Gislason <teddi () LINUX IS>
Date: Fri, 8 Dec 2000 17:15:32 +0000
It was a polite request to everyone that they respect a coders possibility to publish such an exploit to a public arena where his situation can be explained. You make it look as if I coded it so script kiddies could crack boxes. I was not trying to ban it since the header clearly indicates that it can be distributed. If you cannot respect that, fine...end of debate. - DiGiT On Fri, 8 Dec 2000, Graeme Fowler wrote:
DiGiT wrote:I would apreciate that neither you or anyone else publish my exploits to such a medium as this mailinglist or any sort of public arena.Why not? You quite clearly indicate in the copyright notice at the top of the code that:* Copyright (c) 2000 - Security.is * * The following material may be freely redistributed, provided * that the code or the disclaimer have not been partly removed, * altered or modified in any way. The material is the property * of security.is. You are allowed to adopt the represented code * in your programs, given that you give credits where it's due.That says 'freely distributed', right? That means (in my understanding) that I can freely distribute it providing I haven't changed or modified the code or disclaimer? Which I haven't done. That code was published exactly as-is, without modification. It also had to pass through the moderator of VULN-DEV prior to publishing; presumably if they thought there were a conflict in some way that the posting would not have been published to the list. I suspect that this thread could spin out of control if we're not careful, since we're going to enter the realms of the full-disclosure-versus-privacy argument. I found your kit on a server I was asked to investigate some problems with - along with code for about 60 other exploits - and following the non-appearance of any exploit code for LPRng on this list, published it - *after* consulting your copyright notice. If you object, change the notice. Have a good weekend Graeme
Current thread:
- Re: lpd exploit?, (continued)
- Re: lpd exploit? Jarno Huuskonen (Dec 04)
- Re: lpd exploit? Larry W. Cashdollar (Dec 04)
- Re: lpd exploit? Ron DuFresne (Dec 04)
- Re: lpd exploit? Ryan Yagatich (Dec 04)
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? John (Dec 07)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? Graeme Fowler (Dec 09)
- Re: lpd exploit? Theodor Ragnar Gislason (Dec 09)
- Re: lpd exploit? WebFusion System Administrator (Dec 09)
- Re: lpd exploit? Ron DuFresne (Dec 10)
- Re: lpd exploit? Ron DuFresne (Dec 08)
- Re: lpd exploit? Ron DuFresne (Dec 10)
- Re: lpd exploit? Bluefish (P.Magnusson) (Dec 11)
- Re: lpd exploit? Graeme Fowler (Dec 09)