Full Disclosure mailing list archives

Re: re: 0-day for sale on ebay

From: Juha-Matti Laurio <juha-matti.laurio () netti fi>
Date: Sat, 10 Dec 2005 02:30:24 +0200 (EET)

Btw, when checked the price was $64 and then at 9AM Finnish-time it was gone.

But anyway, your screenshot with 'bid $0.01' is cool in a certain way..

We have the fact that the recent CVSS Severity is 2.8 and it wasresearched on Dec. 6th, we can just wait the fix now.


- Juha-Matti

: They have even assigned a CVE entry for this:: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2005-4131:: Some interesting references with a screenshot included too.
Microsoft has verified the bug is legitimate though:

http://www.eweek.com/article2/0,1759,1899697,00.asp?kc=EWRSS03129TX1K0000614

heBay Pulls Bidding for MS Excel Vulnerability
By Ryan Naraine
December 9, 2005
Whats the retail value of a security vulnerability in Microsoft Corp.sExcel spreadsheet program? At last check: $53 and counting.

.......

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

re: 0-day for sale on ebay, (continued)
- re: 0-day for sale on ebay ad () heapoverflow com (Dec 09)
- Re: 0-day for sale on ebay ad () heapoverflow com (Dec 09)
  - Re: 0-day for sale on ebay Georgi Guninski (Dec 09)
- re: 0-day for sale on ebay Juha-Matti Laurio (Dec 09)
  - re: 0-day for sale on ebay security curmudgeon (Dec 09)
    - Re: 0-day for sale on ebay Georgi Guninski (Dec 10)
    - Re: 0-day for sale on ebay Steve Friedl (Dec 10)
    - Re: 0-day for sale on ebay Georgi Guninski (Dec 10)
    - Re: 0-day for sale on ebay Steve Friedl (Dec 10)
    - Re: 0-day for sale on ebay Georgi Guninski (Dec 11)
- Re: re: 0-day for sale on ebay Juha-Matti Laurio (Dec 09)