Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
From: Jon Kertz <jon.kertz () gmail com>
Date: Fri, 11 Nov 2011 17:49:02 -0500

On Fri, Nov 11, 2011 at 5:28 PM, xD 0x41 <secn3t () gmail com> wrote:
I am shocked, howmany socalled 'skilled' people, cannot get this bug
to work...  but, theyre NOT the ones whining about code :)

I didn't ask for a proof of concept, I told you to explain the bug
and/or your claims with code. There is a difference.

You've come here making some outrageous claims that you can trigger
the bug with one packet, how we're all wrong about the timing aspect
of the bug, and even a rather unusual description of the bug itself
(which was difficult to interpret, but seems flat out wrong, however
it may be due to the language barrier). We can look beyond your broken
English and read code, whether it be disassembly or a proof of
concept, then determine if your claims are sensible or not. You've
made statements that seem to indicate have analyzed the bug and
attempted to describe it, so I'm asking you to put that in a form we
can all understand and that isn't bound by language limitations. I can
read disassembly, I can't read and comprehend your English.

I'm trying not to jump to conclusions here, but so far you've made
claims that no one else seems to back up and it appears you are just
blathering and foaming at the mouth to appear l33t like a lot of other
people talking about this bug. You can resolve that by providing code
to prove your claims, otherwise no one is going to listen to you or

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]