Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: HP Tru64 dtmail bug - Really exploitable?

From: <cdejrhymeswithgay () hush com>
Date: Sun, 22 Oct 2006 17:22:53 -0500
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Sun, 22 Oct 2006 14:49:22 -0500 "K F (lists)"
<kf_lists () digitalmunition com> wrote:

Roman Medina-Heigl Hernandez wrote:


More or less according to HP advisory ("HPSBTU02163 SSRT061223")



which

marks the impact as POTENTIAL ("Potential Security Impact: Local



execution

of arbitrary code")


Don't mind the smoke and mirrors. HP always says that. Even with
working
root exploits in hand HP will release an advisory that say
'potential'.

don't believe me?

http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
http://downloads.securityfocus.com/vulnerabilities/exploits/TRU64_s



u.pl

funny how that works eh?

-KF

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


Politics should be avoided at all costs.
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.5

wpwEAQECAAYFAkU77z0ACgkQsGS6s78KOsWm+gQAk607hbBR6SB2kchEbaT4Ie8fnM0F
KGtx1pW8+tlNTgaf4OjJNbzp3bDIvCn3yMk/kP9KjRrK8TMF9mfSQNwLFKfcmdXV1ruw
hsbZfDdPKF3Q6fK8CTBgh4j1vtlMzIkJhd4OAy1HgQxjuG9ie1M1z+ZKJ4aNHBV7Lo3Y
bAt74rE=
=Mlwk
-----END PGP SIGNATURE-----




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: