Full Disclosure mailing list archives
Re: no more public exploits and general PoC gui de lines
From: Jedi/Sector One <j () pureftpd org>
Date: Tue, 27 Apr 2004 23:46:41 +0159
On Tue, Apr 27, 2004 at 04:05:13PM -0400, kquest () toplayer com wrote:
Are you saying that unless there's an exploit that gives you access to the target machine your company wouldn't patch
It's a matter of priority. For most PHBs, proactive security must be very low priority because keeping systems up to date doesn't bring any money to the company.
(even if there's an exploit that crashes the target)?
A DoS will usually not be enough to get some press. Unless most PHBs have read on ZDNet and Yahoo that "a critical flaw has been found in xxx and is actively being exploited by black hats", they will consider patching as a waste of time. They may even yell at you if patching systems implies a small downtime, even if it'ss a critical patch, as long as it has not been covered by for-PHBs press. Best regards, -- __ /*- Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: no more public exploits and general PoC gui de lines kquest (Apr 27)
- Re: no more public exploits and general PoC gui de lines Jedi/Sector One (Apr 27)
- RE: no more public exploits and general PoC gui de lines Poof (Apr 27)
- Re: no more public exploits and general PoC gui de lines James Riden (Apr 27)
- Re: no more public exploits and general PoC gui de lines VeNoMouS (Apr 27)
- RE: no more public exploits and general PoC gui de lines Poof (Apr 27)
- Re: no more public exploits and general PoC gui de lines Eric LeBlanc (Apr 28)
- Re: no more public exploits and general PoC gui de lines Valdis . Kletnieks (Apr 28)
- Re: no more public exploits and general PoC gui de lines Eric LeBlanc (Apr 28)
- Re: no more public exploits and general PoC gui de lines Jedi/Sector One (Apr 27)