Dailydave mailing list archives
Re: Announcing the Zero Day Initiative
From: Listas <listas () rce neoline com br>
Date: Tue, 26 Jul 2005 08:33:26 -0300
Yeah, i have a Zer0D4y expl01t, notepad buffer trick mallock chunk exploit. Remote Shell on target host. hmm maybe you yave to pay 1 coxinha for me. -Rafael TXS wrote:
Hey, if IDefense can sell off for 40m$ doing exactly the same thing what's to stop anyone else from making a quick buck. The real question is why would a company with a name as large as 3com get themselves stuck into the middle of this potentially legal fiasco. Although I suppose they will have the cash and lawyers to back it if the proverbial sh!t hits the fan. --txs On Mon, Jul 25, 2005 at 06:43:40AM -0700, Etaoin Shrdlu wrote:David Endler wrote:Hey Halvar, By our own standards, 3Com cannot use any vulnerability information or report it to anyone until it is officially purchased. We have more to lose from a trust and legal standpoint: http://www.zerodayinitiative.com/benefits.html "If an offer is not made or an offer is made but not accepted by the researcher, the vulnerability information will remain the property of the researcher and will not be used in the Zero Day Initiative (ZDI) program."Uh-huh. You are neither a priest nor a doctor. I can see the lawsuits now (assuming you actually followed the process above). If you know of a vulnerability, and yet do not inform the vendor, all sorts of possibilities open up. In this day and age of a vanishing constitution, where the Patriot Act is the law of the land, I cannot see how you expect as to be so naive as to think that you will not take advantage of anyone so stupid as to believe you. Yes, I know that there's already someone out there paying for vulns; I don't trust them either. -- It is by caffeine alone I set my mind in motion. It is by the beans of Java that thoughts acquire speed, the hands acquire shaking, the shaking becomes a warning. It is by caffeine only I set my mind in motion. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com https://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Announcing the Zero Day Initiative David Endler (Jul 24)
- Re: Announcing the Zero Day Initiative Michael Silk (Jul 24)
- Re: Announcing the Zero Day Initiative Steve Lord (Jul 25)
- Re: Announcing the Zero Day Initiative Halvar Flake (Jul 25)
- Re: Announcing the Zero Day Initiative chaff0 Sr. (Aug 04)
- <Possible follow-ups>
- RE: Announcing the Zero Day Initiative Kyle Quest (Jul 25)
- RE: Announcing the Zero Day Initiative David Endler (Jul 25)
- RE: Announcing the Zero Day Initiative Andrew R. Reiter (Jul 25)
- Re: Announcing the Zero Day Initiative Etaoin Shrdlu (Jul 25)
- Re: Announcing the Zero Day Initiative TXS (Jul 25)
- Re: Announcing the Zero Day Initiative Listas (Jul 26)
- RE: Announcing the Zero Day Initiative Evgeny Pinchuk (Jul 25)
- RE: Announcing the Zero Day Initiative David Endler (Jul 25)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)
- Re: Announcing the Zero Day Initiative I)ruid (Jul 25)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)
- Re: Announcing the Zero Day Initiative Frank Knobbe (Jul 25)
- Re: Announcing the Zero Day Initiative I)ruid (Aug 02)
- Re: Announcing the Zero Day Initiative MindsX (Jul 25)