Full Disclosure mailing list archives
Re: What's wrong with this picture?
From: Valdis.Kletnieks () vt edu
Date: Thu, 26 Feb 2004 15:31:30 -0500
On Thu, 26 Feb 2004 16:49:24 -0300, you said:
The fact that exploit code is made available after the patch is released, is probably because the researchers Made the vulnerability publicly available at same time as the patch was released, otherwise MS wouldnt give Credit to the researchers for the vuln.
The part you should wonder about is why there's a flood of "me-too" exploits after the patch comes out. Which is more likely, 6 or 8 grey hats all hacking for 48 hours straight to be the first to release a sploit, or 6 or 8 grey hats all figuring their 0-day is about to get shut down so they should get some creds by releasing it and looking like a uber-coder?
Attachment:
_bin
Description:
Current thread:
- What's wrong with this picture? Valdis . Kletnieks (Feb 26)
- RE: What's wrong with this picture? Replugge[ROD] (Feb 26)
- Re: What's wrong with this picture? Valdis . Kletnieks (Feb 26)
- RE: [inbox] RE: What's wrong with this picture? Curt Purdy (Feb 26)
- Re: What's wrong with this picture? Georgi Guninski (Feb 26)
- <Possible follow-ups>
- FW: What's wrong with this picture? Richard Spiers (Feb 26)
- Re: What's wrong with this picture? Chris McCulloh (Feb 26)
- RE: What's wrong with this picture? Geo. (Feb 26)
- Re: What's wrong with this picture? Chris McCulloh (Feb 26)
- RE: What's wrong with this picture? Wall, Kevin (Feb 26)
- RE: What's wrong with this picture? Jos Osborne (Feb 27)
- RE: What's wrong with this picture? Replugge[ROD] (Feb 26)