Re: [Full-disclosure] Three years and ten months without a patch

2005-11-16 Thread Marco Ermini
On 11/16/05, Barrie Dempster <[EMAIL PROTECTED]> wrote:
[...]
> Are we forgetting Slammer? A worm that attacked a product which you
> would expect to be used in a similar way.
>
> Backend or not, the system should be patched, being backend is not a
> justifiable reason for not patching the system.

Re: [Full-disclosure] Three years and ten months without a patch

2005-11-16 Thread Barrie Dempster
On Wed, 2005-11-16 at 10:19 +0100, Marco Ermini wrote:
> On 11/15/05, InfoSecBOFH <[EMAIL PROTECTED]> wrote:
> > So why not start teaching some lessons, David, and release exploit code.
> > It seems that is the only way they learn and take things seriously.
>
> Rarely this software did not run in a

Re: [Full-disclosure] Three years and ten months without a patch

2005-11-16 Thread Marco Ermini
On 11/15/05, InfoSecBOFH <[EMAIL PROTECTED]> wrote:
> So why not start teaching some lessons, David, and release exploit code.
> It seems that is the only way they learn and take things seriously.

Rarely this software did not run in what is considered a "secured" environment - I mean, this is rarely

Re: [Full-disclosure] Three years and ten months without a patch

2005-11-15 Thread InfoSecBOFH
So why not start teaching some lessons, David, and release exploit code. It seems that is the only way they learn and take things seriously.

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sp

[Full-disclosure] Three years and ten months without a patch

2005-11-15 Thread David Litchfield
Whilst looking over old Oracle bugs I discovered that a _fully_ _patched_ 8.1.7.4 Oracle server is still vulnerable to the old extproc flaw [http://www.ngssoftware.com/advisories/oraplsextproc.txt]; this flaw, when exploited, allows a remote attacker without a userID and password to take control of