Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution

From: Cael Abal <lists2 () onryou com>
Date: Wed, 18 Feb 2004 10:53:02 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

morning_wood wrote:
| "A security researcher, who only identified himself by the initials
| "gta,"posted information on the vulnerability to several security
| mailing lists."
|
| one down... how many more are out there?
|
| and 'yall thought that post was unconfirmed. muhahah

I'm the guy who called the vulnerability unconfirmed -- at the time, it
was.  What's the big deal?

It's prudent to use words like 'supposedly' or 'possibily' when you're
working from second-hand information, especially from an unsigned
anonymous hushmail post like gta's.  I didn't have the means nor desire
to test it at the time, so I left it at that.

To be honest, I'm a bit concerned that we've only seen one
publically-released exploit so far.

C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (MingW32)

iD8DBQFAM4peR2vQ2HfQHfsRAoN8AJ90nLJvPrNGzlCiDCem6CqblHNyMwCePehp
YqLZceHzvoQHF30KAwCPC5Y=
=vGdB
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: