Jason Coombs wrote in news:[EMAIL PROTECTED]
> Morning Wood wrote:
>> ------------------------------------------------------------
>> - EXPL-A-2006-002 exploitlabs.com Advisory 048 -
>> ------------------------------------------------------------
>>
>> - MSVC 6.0 run file bug -
>
> Nice thinking, Donnie. This must be the "new class of vulnerability"
> that was hinted at by Microserfs a few months ago... The attacks are
> launched by way of source code distributions rather than binary code.
Why is this a terrible insecure microsoftism, when GNU make does exactly
the same?
And let's never forget those evil 'configure' scripts. Hell, at least
they actually *have* been an attack vector on several occasions.
cheers,
DaveK
--
Can't think of a witty .sigline today....
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
