Vulnerability Development: Re: lpd exploit?

[WebFusion System Administrator <graeme.f () WEBFUSION CO UK>]

> It was a polite request to everyone that they respect a coders
possibility
> to publish such an exploit to a public arena where his situation can
be
> explained. You make it look as if I coded it so script kiddies could
crack
> boxes.
I didn't intend to do that - I simply followed up the so-far
uninteresting thread about LPRng exploits with the real code, which
people had been asking for. This is the first time I, and I reckon the
majority of the readers of VULN-DEV, have seen this code for real -
until now it's been vapourware.

It works. It's real. Now it can be discussed properly, and explained,
and patched. The sooner the better IMHO, and I will be looking at the
code over the weekend to see if I can cobble a patch together on my home
box. Having said that, my skills in that direction are a little poor...
I'm much better at spotting these things being run than actually coding
them in the first place (I'm a networks person, not a coder).

> If you cannot respect that, fine...end of debate.
I do respect that, I was just a little taken aback by your email - as
you obviously were with mine.

Now it's out in the open you've got the perfect chance to explain away,
even if it has come rather sooner than you expected - for which I offer
my apologies.

I battle script kiddies every day of my working life, so if I can get a
head start on them, all well and good. Now I have one, thanks to an
untidy intruder, for this exploit...

Regards

Graeme