Full Disclosure mailing list archives
Re: lame bitching about xpsp2
From: Maarten <fulldisc () ultratux org>
Date: Sun, 15 Aug 2004 00:34:56 +0200
On Saturday 14 August 2004 22:00, Niek Baakman wrote:
devis said the following on 8/13/2004 8:01 PM GMT+2:
MS web server full of damn holes? What about apache ? What do you think would happen if you do not update your apache for a year, or openssh, or any piece of software ? What do you think would happen if you did not apply those MaxOSX updates which Apple released over the past few months? Don't talk about releaking and only mention Microsoft. There are opensource programs which have the same track record.
A) Apache has a way better track record than IIS. Jeez, it's not even in the same ballpark... B) Apache does not run in kernelspace. IIS does. Therefore, an apache exploit yields unprivileged user access. IIS on the other hand yields full compromise Oh, and as an aside: patching often is indeed neccessary, on all platforms. But at least MY vendor doesn't take several _months_ to provide such a patch. Unlike some other vendor we all know. Maarten -- Yes of course I'm sure it's the red cable. I guarante[^%!/+)F#0c|'NO CARRIER _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: lame bitching about xpsp2, (continued)
- RE: lame bitching about xpsp2 Jonathan Rickman (Aug 13)
- Re: lame bitching about xpsp2 Dark Avenger (Aug 13)
- RE: lame bitching about xpsp2 Todd Towles (Aug 13)
- Re: lame bitching about xpsp2 devis (Aug 13)
- Re: ask apple - was: lame bitching about xpsp2 it (Aug 14)
- Re: Re: ask apple - was: lame bitching about xpsp2 kf_lists (Aug 14)
- Re: ask apple... i.t Consulting (Aug 27)
- Re: ask apple... i.t (Aug 27)
- Re: Re: ask apple - was: lame bitching about xpsp2 Chris Adams (Aug 14)
- Re: lame bitching about xpsp2 devis (Aug 13)
- Re: lame bitching about xpsp2 Niek Baakman (Aug 14)
- Re: lame bitching about xpsp2 Maarten (Aug 14)
- RE: lame bitching about xpsp2 Jonathan Rickman (Aug 13)
- RE: lame bitching about xpsp2 Dinis Cruz (Aug 13)
- Re: lame bitching about xpsp2 devis (Aug 13)
- Re: lame bitching about xpsp2 Ill will (Aug 16)
- RE: lame bitching about xpsp2 joe (Aug 16)