Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Another 0day to sell.

From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Thu, 13 Sep 2007 14:02:20 -0400
If you can't see that knowledge of an impending sale in a 0day 
vulnerability in a specific and publicly disclosed product can help 
you to mitigate risk against said product in a customers 
environment, then I am afraid I must speculate you are not as 
educated as a CISSP, and are therefore not even qualified to 
develop a password policy, let alone be doing security stuff!

Any good CISSP will tell you there is more to security than 
patching! Even some of the bad ones know LOLOL! Unfortunately, most 
hacker/cracker webgangs are in on it too!

J
CISSP

On Thu, 13 Sep 2007 13:54:14 -0400 Alex Robar 
<alex.robar () gmail com> wrote:

Thank you for actually looking it up. Now that we've got that 
squared
away...

I agree that it's valuable to see what those 0day threats are, but 
that's
the key: You don't tell the list. You don't say what they are, and 
_that_ is
the point of full-disclosure. If you were to post what type of
vulnerabilities you had, what software they affected... Then I 
wouldn't have
any type of problem with you offering to sell them. You discovered 
them, and
you're within your rights to do whatever you want with them. But 
you posting
that you've got a random 0day to sell doesn't help raise the level 
of
protection my customers get.

AR

On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:


Thanks for the biography. If you are indeed being sincere, I am
interested in knowing why you wouldn't find it a valuable 

service

to have people publicly attempting to broker deals on the list.

What I mean is, wouldn't it raise the GEARYTECH, INC. THREATCON 

a

notch or two if someone was attempting to sell a 0day in a piece 

of

software that GEARYTECH, INC. has facing The Internets?

But honestly Mr. Rebar, isn't it easy to just ignore the one
message that seems to bother only you and that other crybaby, 

the

Guasconi guy?

J

"0day happens"

On Thu, 13 Sep 2007 13:38:19 -0400 Alex Robar
<alex.robar () gmail com> wrote:

I don't discover vulnerabilities; It's not my job or an area of
interest to
me. I'm on this list to catch any vulnerabilities in software 

that

my
company deploys to client networks, and deal with protecting 

them

from said
vulnerabilities. Different people offer to sell exploits quite
often on this
list, and they're all told the same thing: Go somewhere else. 

Read

the
charter for what you're supposed to post here.

AR

On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:


LOLOLOLOLOLOL keep replying!!!

Do you know any cool security stuff?

J

On Thu, 13 Sep 2007 13:16:28 -0400 Alex Robar
<alex.robar () gmail com> wrote:

Right, right... "Someone else can prove that you aren't who 

you

say you
are." Good argument. Do a little research before posting

something

like
that.

AR

On 9/13/07, Joey Mengele <joey.mengele () hushmail com> wrote:


I think Dr. Neal Krawetz could easily prove Alex Robar is

actually

the same person as this Guasconi fag. Neither have 

provided

anything of value to the list. Unless you count self

important

opinions and the tendency to speak for the entire body of 

the

list.

Geesh dude, even I post some security stuff!

So anyway Alex/Guasconi/n3td3v, keep trolling now that 

your

secret

is exposed. Or, prove that you are not all the same person 

if

it

is

not so.

J

On Thu, 13 Sep 2007 12:18:28 -0400 Alex Robar
<alex.robar () gmail com> wrote:

"Full disclosure", much like how it sounds, is for fully
disclosing
vulnerabilities that you've found. Guasconi is right - 

This

list

isn't for
selling exploits you've discovered.

AR

On 9/13/07, Joey Mengele <joey.mengele () hushmail com> 

wrote:


I think offers to sell 0day are more relevant to this 

list

than

the

stupid trash and one line comments you have provided

consistently

during your time here. Maybe you should stop or find a 

new

list?

Or

just kill yourself, perhaps...

J

On Thu, 13 Sep 2007 02:47:45 -0400 Guasconi Vincent
<tyoptyop () gmail com> wrote:

On 9/12/07, Juergen Marester 

<marester.juergen () gmail com>

wrote:

Thanks for people who bought me codes since my last

post.

I also have other 0day to sell. Contact by e-mail.


Stop.

--
Guasconi Vincent
Student.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-

charter.html

Hosted and sponsored by Secunia - http://secunia.com/


--
Click for free info on rehab treatments for drug & 

alcohol

dependency.










http://tagline.hushmail.com/fc/Ioyw6h4eH4ipKWT7bgKiT735WpgEy1lOu

P

m

u

Ht3RDlVRKDdbkjCRPS/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-

charter.html

Hosted and sponsored by Secunia - http://secunia.com/





--
Alex Robar
alex.robar () gmail com


--
Click here for free information on starting a business 

from

your

home.








http://tagline.hushmail.com/fc/Ioyw6h4dA5RsHere4CNg8GgV7mRB35uzN7

t

E

tJaqcvuCZNvnFtu6Y1/






--
Alex Robar
alex.robar () gmail com


--
Click now and find the perfect favors for any occasion!




http://tagline.hushmail.com/fc/Ioyw6h4fF8B62vyiPEzWrCWumSdE7DSdP36

O

1EwLbUYNMPOkcOGR3n/






--
Alex Robar
alex.robar () gmail com


--
Don't throw your computer away! Click now for expert computer 

repair!




http://tagline.hushmail.com/fc/Ioyw6h4dHnrqFQpGXOxdKtNlK0fa9ANaeTcJ
uJChMOTUcYhrVBSgeJ/






-- 
Alex Robar
alex.robar () gmail com


--
Prices, software, charts & analysis.  Click here to open your online FX trading account.
http://tagline.hushmail.com/fc/Ioyw6h4eApyjADBbpGV3nLDaKFtFTBnYAX11AzGYtz94EsEbN8jAMo/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: