Full Disclosure mailing list archives
Re: Mozilla Firefox "Host:" Buffer Overflow
From: Dave Aitel <dave () immunitysec com>
Date: Fri, 09 Sep 2005 11:53:09 -0400
Andrew R. Reiter wrote:
They can all now be helped by their more technically inclined family members. This isn't an option in vendor-monopoly disclosure models, where you just have to pray that only the vendor and a few other people know about the bug, and they're not bothering to exploit your poor mom or dad (or yourself).On Fri, 9 Sep 2005, Dave Aitel wrote: :It's not consideration to hide the actual risk from users of the product. :That's just Microsoft hogwash. : :Right now, everyone knows they are at risk, and what to do about it - we can :stop using Firefox if we think it's a high enough risk vulnerability to do so. :This is definately better than just being in the dark for another week or so :until they get the patch done. : :-daveWhat about all those poor mom's and dad's who were encouraged to use Firefox but have 0 clue as to what the heck Full-Disclosure is? Seems to me your idea of "everyone" is misguided.Cheers, :
They're probably still better off using Firefox, of course, just not completely immune. Which you already assumed, right?
-dave _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Mozilla Firefox "Host:" Buffer Overflow, (continued)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow n e w s (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Bruce Ediger (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Heikki Toivonen (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Andrew R. Reiter (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Dave Aitel (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Andrew R. Reiter (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow milw0rm Inc. (Sep 09)
- Re: Mozilla Firefox "Host:" Buffer Overflow Adam Polkosnik (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 09)
- RE: Mozilla Firefox "Host:" Buffer Overflow Larry Seltzer (Sep 10)