Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe

From: Mario Vilas <mvilas () gmail com>
Date: Wed, 21 May 2014 22:17:48 +0200
On Wed, May 21, 2014 at 8:21 PM, Reindl Harald <h.reindl () thelounge net>wrote:


90 out of 100 security flaws in the past years where from the
category "hy should i bother about this and that, it is unlikely"



Nobody said anything about it being "unlikely". What's being argued is that
if your bug requires ad-hoc conditions to be exploited then it's more than
likely not a security bug at all - in all the scenarios proposed here, the
ad-hoc conditions are the problem, and there would be infinite more ways of
"exploiting" them.

This way of reporting fake security problems is good for gaining publicity
real fast, but not for much else. It's just noise.


-- 
“There's a reason we separate military and the police: one fights the enemy
of the state, the other serves and protects the people. When the military
becomes both, then the enemies of the state tend to become the people.”

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
Previous By Date Next
Previous By Thread Next

Current thread: