Full Disclosure mailing list archives
Re: No Subject (re: openssh exploit code?)
From: security snot <booger () unixclan net>
Date: Mon, 20 Oct 2003 23:59:18 -0700 (PDT)
Yeah, Paul, you're a real smart guy I see! Just like everyone else who wants to see one of the exploits for the bug, you try to taunt those of us who are somewhat skilled at programming and have already developed our own commercial grade exploits to release what we have slaved over. Of course, you can keep using words like l33t and drop whatever other insults you want towards us - keep in mind, you're the one who isn't technically skilled enough to: 1) Figure out how to exploit the bug 2) Figure out why the bug isn't exploitable, and provide a technical argument against it So my owned friend, before you insult anyone on this list again, first get a fucking clue and become learned enough to at least not allow leaders of the security community like Ron Dufrense not make you look stupid every time you open your mouth. ----------------------------------------------------------- "Whitehat by day, booger at night - I'm the security snot." - CISSP / CCNA / A+ Certified - www.unixclan.net/~booger/ - ----------------------------------------------------------- On Tue, 21 Oct 2003, Paul Schmehl wrote:
--On Monday, October 20, 2003 5:19 PM -0700 "Gregory A. Gilliss" <ggilliss () netpublishing com> wrote:Hi, Maybe I missed something here...No, you didn't.I'm an assembler jockey from BITD and I know a few things about alloc/ calloc/malloc and heaps and stacks etc. So what's the key, may I ask, to this heap exploit that was the origin of this thread?You're never going to find that out, Gregory, because mitch, our l33t code monkey, is keeping the code to himself. Now mind you, he *assures* us that it's easy to 'sploit, so we're just gonna have to take his word for it. But you'd better patch now, 'cause he's gunnin' for ya. Paul Schmehl (pauls () utdallas edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 20)
- Re: No Subject (re: openssh exploit code?) Gregory A. Gilliss (Oct 20)
- Re: No Subject (re: openssh exploit code?) Paul Schmehl (Oct 20)
- Re: No Subject (re: openssh exploit code?) security snot (Oct 21)
- Re: No Subject (re: openssh exploit code?) John Sage (Oct 21)
- Re: No Subject (re: openssh exploit code?) madsaxon (Oct 21)
- Re: No Subject (re: openssh exploit code?) Paul Schmehl (Oct 20)
- Re: No Subject (re: openssh exploit code?) Gregory A. Gilliss (Oct 20)
- <Possible follow-ups>
- Re: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- Re: No Subject (re: openssh exploit code?) Anders B Jansson (Oct 21)
- Re: No Subject (re: openssh exploit code?) S . f . Stover (Oct 21)
- Re: No Subject (re: openssh exploit code?) Jason Coombs (Oct 21)
- Re: No Subject (re: openssh exploit code?) morning_wood (Oct 21)
- Re: No Subject (re: openssh exploit code?) Jason Coombs (Oct 21)
- Re: No Subject (re: openssh exploit code?) Valdis . Kletnieks (Oct 21)
- Re: No Subject (re: openssh exploit code?) Peter Busser (Oct 22)