mailing list archives
Re: Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows
From: coderman <coderman () gmail com>
Date: Fri, 25 Jul 2008 12:38:43 -0700
On Fri, Jul 25, 2008 at 11:37 AM, Fredrick Diggle <fdiggle () gmail com> wrote:
... Fredrick Diggle security would like to
disclose a critical vulnerability in the Windows IPv4 network stack.
This vulnerability is trivially remotely exploitable and could doom
the entire internets if disclosed prior to being patched...
you bastard; i asked you not to reverse I)ruid's hashes!!
also, confirmed this vuln on NeXTSTEP 2.0 through 3.3 and RISC/ULTRIX
all versions. however, last known security contact for these vendors
is bouncing mail. i think they've already been pwned ~_~;
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/