Home page logo
  • Nmap Security Scanner
  • Security Lists
  • Security Tools
  • Site News
  • Advertising
  • About/Contact
  • Sponsors:

    Acunetix



/

fulldisclosure logo Full Disclosure mailing list archives

Re: Google vulnerabilities with PoC
From: Alfredo Ortega <alfred () groundworkstech com>
Date: Fri, 14 Mar 2014 15:54:14 -0300
Oh and this guy Shadown seems pretty knowledgeable too.

BTW now I have to read what is this about,lets see...

Alright, from TFA:

"That means that a door was open for anyone to upload any file of
choice. Whether this is a security vulnerability or not, I will leave
that to your discretion"

Not even you are sure this is a real vulnerability. It is not.



On 03/14/2014 03:36 PM, Alfredo Ortega wrote:

Mario has years of experience (more than 10 in fact) in exploit writing
and vulnerability assessment. I would consider his position on the subject.

If you don't believe me, Argentina extended me certifications that
proves that I can tell who has vulnerability assesment skills and who
does not.

If you don't believe in Argentina, you should know the ONU accepts it as
a sovereign independent country.

That is the complete certificate chain proving you that Mario is not an
idiot as you inferred.

Best regards,

Alfred


On 03/14/2014 10:50 AM, Sergio 'shadown' Alvarez wrote:

Dear Nicholas Lemonias,

I don't use to get in these scrapy discussions, but yeah you are in a completetly different level if you compare 
yourself with Mario.
You are definitely a Web app/metasploit-user guy and pick up a discussion with a binary and memory corruption ninja 
exploit writter like Mario. You should know your place and shut up. Period.

Btw, if you dare discussing with a beast like lcamtuf, you are definitely out of your mind.

Cheers,
  Sergio.
-- Sergio

On Mar 14, 2014, "Nicholas Lemonias." <lem.nikolas () googlemail com> wrote:

We are on a different level perhaps. We do certainly disagree on those
points.
I wouldn't hire you as a consultant, if you can't tell if that is a
valid
vulnerability..



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]