Bugtraq: Re: Download Accelerator Plus can be tricked to download malicious file

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Download Accelerator Plus can be tricked to download malicious file

From: "Dave Korn" <davek_throwaway () hotmail com>
Date: Fri, 6 Jan 2006 18:52:14 -0000

visitbipin () hotmail com wrote in
news:20060105180806.22333.qmail () securityfocus com

Just n' update:
DAP searches for all its mirrors from mirrorsearch.speedbit.com

I have no knowledge about HOW the mirrors are gathered.


  Then your report should have been titled "Maybe DAP can be tricked to
download malicious file, maybe not, I haven't got any idea because I haven't
bothered to find out".

  Or even better, you shouldn't have bothered posting it because it has zero
content.  "There might or might not be a vulnerability in application X" is
NOT information.  Uninformed speculation is NOT information.

  What you actually observed was DAP not being tricked and not downloading a 
malicious file.  What you wrote was the exact opposite.  Your report is 
fraudulent and utterly dishonest.

    cheers,
      DaveK
-- 
Can't think of a witty .sigline today....

By Date By Thread

Current thread:

Download Accelerator Plus can be tricked to download malicious file visitbipin (Jan 04)
- RE: Download Accelerator Plus can be tricked to download malicious file NaPa (Jan 05)
- <Possible follow-ups>
- Re: Download Accelerator Plus can be tricked to download malicious file visitbipin (Jan 05)
  - Re: Download Accelerator Plus can be tricked to download malicious file Dave Korn (Jan 06)