Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Administrivia: List Compromised due to Mailman Vulnerability
From: Valdis.Kletnieks () vt edu
Date: Wed, 09 Feb 2005 15:32:16 -0500

On Wed, 09 Feb 2005 14:14:35 CST, Frank Knobbe said:

heh... nah, having John look at the cert and say "Yup, that's mine" is
enough of a trust-level for me. (On the other hand, if he says "Oh
shit!" then the verification step has served its purpose :)

Unless we have a Schrodinger's Cat John who manifests itself twice, once
saying "Yup" and once saying "Oh shit!". :)

(Note that under some circumstances, an attacker spoofing a "Oh Shit!" can
be useful... ;)

Attachment: _bin

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]