Full Disclosure mailing list archives
Re: FrSIRT False Alarm
From: <ad () class101 org>
Date: Sat, 20 Aug 2005 19:39:55 +0200
btw illwill made something to block it, havent tested it myself but this might be useful to post it here: http://illmob.org/files/0day/msdds.dll_deactivator.rar **************************************************************** KEY: 0xA7C69C5F PRINT: 694C 3495 BCC4 2F8B D794 6BD4 AF8B 457B A7C6 9C5F **************************************************************** ----- Original Message ----- From: "Paul" <pvnick () gmail com> To: <ad () class101 org>; <full-disclosure () lists grok org uk> Sent: Saturday, August 20, 2005 7:33 PM Subject: Re: [Full-disclosure] FrSIRT False Alarm | > "Microsoft is concerned that this new report of a vulnerability in | > Internet | > Explorer was not disclosed responsibly, potentially putting computer users | > at risk. We continue to encourage responsible disclosure of | > vulnerabilities. | > We believe the commonly accepted practice of reporting vulnerabilities | > directly to a vendor serves everyone's best interests. This practice helps | > to ensure that customers receive comprehensive, high-quality updates for | > security vulnerabilities without exposure to malicious attackers while the | > update is being developed." | | Believe it or not, I am in full agreement with this statement. | | Regards, | Paul | Greyhats Security | http://greyhatsecurity.org | | | ----- Original Message ----- | From: <ad () class101 org> | To: <full-disclosure () lists grok org uk> | Sent: Saturday, August 20, 2005 6:13 AM | Subject: Re: [Full-disclosure] FrSIRT False Alarm | | | > | > MS said: | > | > "Microsoft is concerned that this new report of a vulnerability in | > Internet | > Explorer was not disclosed responsibly, potentially putting computer users | > at risk. We continue to encourage responsible disclosure of | > vulnerabilities. | > We believe the commonly accepted practice of reporting vulnerabilities | > directly to a vendor serves everyone's best interests. This practice helps | > to ensure that customers receive comprehensive, high-quality updates for | > security vulnerabilities without exposure to malicious attackers while the | > update is being developed." | > | > http://www.microsoft.com/technet/security/advisory/906267.mspx | > | > chaotic :> | > | >>>do you have a test page? | >>No. We used the public exploit to generate a specially crafted page. | >> | >> | >>Best regards, | >>FrSIRT / French Security Incident Response Team 24/7 | >>http://www.frsirt.com | >>-----BEGIN PGP SIGNATURE----- | >>Version: GnuPG v1.4.1 (MingW32) | >>Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org | >> | >> | >>iD8DBQFDBew5OjxwThxio44RAoWgAJ9k5+qAasePjIG8OaOe2AFjBKsvjQCfVFuD | >>I0Yc2oleSNh/jqc8lKRxQp8= | >>=CAvW | >>-----END PGP SIGNATURE----- | > | > **************************************************************** | > KEY: 0xA7C69C5F | > PRINT: 694C 3495 BCC4 2F8B D794 6BD4 AF8B 457B A7C6 9C5F | > **************************************************************** | > | > | > | > _______________________________________________ | > Full-Disclosure - We believe in it. | > Charter: http://lists.grok.org.uk/full-disclosure-charter.html | > Hosted and sponsored by Secunia - http://secunia.com/ | | _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FrSIRT False Alarm DudeVanWinkle (Aug 19)
- RE: FrSIRT False Alarm Ray P (Aug 19)
- Re: FrSIRT False Alarm naveed (Aug 24)
- <Possible follow-ups>
- RE: FrSIRT False Alarm Todd Towles (Aug 19)
- Re: FrSIRT False Alarm DudeVanWinkle (Aug 19)
- Re: FrSIRT False Alarm ad (Aug 20)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm ad (Aug 20)
- Re: FrSIRT False Alarm Thierry Zoller (Aug 20)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm Dave Korn (Aug 22)
- Re: Re: FrSIRT False Alarm Ill will (Aug 22)
- Re: FrSIRT False Alarm Ill will (Aug 24)
- RE: FrSIRT False Alarm Aviv Raff (Aug 25)
- Re: FrSIRT False Alarm ad (Aug 25)
- Re: FrSIRT False Alarm Paul (Aug 20)
- Re: FrSIRT False Alarm Jérôme ATHIAS (Aug 21)