funsec mailing list archives
RE: [Full-disclosure] WMF round-up, updates and de-mystification
From: "Peter Ferrie" <pferrie () symantec com>
Date: Tue, 3 Jan 2006 09:04:55 -0800
In this URL you can find the best write-up I have seen on the WMF issue: http://blogs.securiteam.com/index.php/archives/167 <http://blogs.securiteam.com/index.php/archives/167> By Matthew Murphy at the "Securiteam Blogs".
And yet, he calls it a bug, which it isn't. It's actually a feature, it has legitimate purposes, and has been present in Windows for 15 years, and people are noticing only now just what you can do with it. While I'm not defending Microsoft here, since I think that it was a poor design in the first place, let's at least get that part right. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- New from the MS Advisory, (continued)
- New from the MS Advisory Larry Seltzer (Jan 04)
- New from the MS Advisory Larry Seltzer (Jan 04)
- Re[2]: WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 03)
- Re: WMF round-up, updates and de-mystification Gadi Evron (Jan 03)
- Re: Re: WMF round-up, updates and de-mystification dudevanwinkle () gmail com (Jan 03)
- Re[2]: WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 03)
- Re[2]: WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 04)
- Re[2]: WMF round-up, updates and de-mystification Pierre Vandevenne (Jan 04)
- Re: WMF round-up, updates and de-mystification Gadi Evron (Jan 03)
- Re: WMF round-up, updates and de-mystification Gadi Evron (Jan 03)