Full Disclosure mailing list archives
RE: RE:
From: "Drew Copley" <dcopley () eEye com>
Date: Thu, 1 Jul 2004 12:58:01 -0700
-----Original Message-----
From: Blue Boar [mailto:BlueBoar () thievco com]
Sent: Thursday, July 01, 2004 12:51 PM
To: Drew Copley
Cc: Robin Landis; bugtraq () securityfocus com; full-disclosure () lists netsys com; ntbugtraq () listserv ntbugtraq com
Subject: Re: [Full-disclosure] RE:

Drew Copley wrote:

I contend that the fact that the very same people are reporting bugs does not mean that they are the only ones finding them. Nor does it mean that only an expert might find them. Nor does it mean that all experts would be inclined to report them.

Great. Based on what evidence.

Didn't a couple of the recent IE holes come to light because they were first publicly found in the wild?

BB

There has been one true zero day in IE. This was the recent spyware issue, later converted to work for some credit card scammers in Scob.

There was a substantial zero day in IIS. The webdav bug, which was found when it was being used to attack military systems.

The zero day in IE, utilized known vulnerabilities to work, without it, it could not have worked.

That is out of several years of many people - and many talented people - pounding it.

The IE zero day issue is not surprising because IE researchers receive and have received a lot of large money offers in the recent past.

The webdav issue used exploit code which is extremely similar to exploit code found by some of the best Chinese hackers on the planet.

None of these are people outside of the social circles of other security researchers.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html