Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: HP Tru64 dtmail bug - Really exploitable?
From: "K F (lists)" <kf_lists () digitalmunition com>
Date: Sun, 22 Oct 2006 15:49:22 -0400

Roman Medina-Heigl Hernandez wrote:

More or less according to HP advisory ("HPSBTU02163 SSRT061223") which
marks the impact as POTENTIAL ("Potential Security Impact: Local execution
of arbitrary code") 

Don't mind the smoke and mirrors. HP always says that. Even with working 
root exploits in hand HP will release an advisory that say 'potential'.

don't believe me?

http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
http://downloads.securityfocus.com/vulnerabilities/exploits/TRU64_su.pl

funny how that works eh?

-KF

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]