Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: MSIE src&name property disclosure
From: Dave Aitel <dave () immunitysec com>
Date: Mon, 15 Nov 2004 15:37:42 -0500

That's a good question for your Microsoft sales rep. If you want technical details, Immunity has a working and reliable Wins exploit in the Vulnerability Sharing Club version of CANVAS. I think there's an interesting difference between how the Linux community handled the recent kernel bugs, and how Microsoft and other commercial vendors handle all bugs.

Dave Aitel
Immunity, Inc.

joe wrote:

How is it an example?

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Dave Aitel
Sent: Monday, November 08, 2004 9:49 AM
To: Michal Zalewski
Cc: Berend-Jan Wever; full-disclosure () lists netsys com;
bugtraq () securityfocus com
Subject: Re: [Full-disclosure] MSIE src&name property disclosure

<SNIP>
WINS is a classic example.
<SNIP>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]