t; *Sent:* 6. oktober 2008 14:05
> *To:* full-disclosure@lists.grok.org.uk
> *Subject:* [Full-disclosure] Windows Oday
>
> Hi,
> IE8 && FF3 0days for sale
>
> Mark Wellberg
>
>
>
>
> ___
> Full-Disclo
0day pictures of Mark's mom for sale
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Mark
Wellberg
Sent: 6. oktober 2008 14:05
To: full-disclosure@lists.grok.org.uk
Subject: [Full-disclosure] Windows Oday
Hi,
IE8 && FF3 0days f
Hi,
IE8 && FF3 0days for sale
Mark Wellberg
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
>
>
> What is funny however, is that Microsoft, the great supporter of
> "responsible disclosure" actually is the main sponsor ("patron") of the
> SyScan conference: http://syscan.org/ which is organized by Thomas.
> Maybe it's a sign that Microsoft realized that free "responsible
> disclosure" id
On Tue, 12 Jun 2007 [EMAIL PROTECTED] wrote:
> Dear all, this is not a 0day
The author never claimed so; in fact, the subject line clearly states it's
a O-day, not a 0-day.
This presumably denotes Saint Onuphrius, commemorated on the day this
advisory got published.
You can now admit to a defea
On 6/13/07, Joanna Rutkowska <[EMAIL PROTECTED]> wrote:
One (I guess some "responsible disclosure" purist) could ask why they
waited 6 months before reporting this vulnerability to the vendor? What
were they doing with this exploit for the whole 6 months?
maybe they were waiting for VistaX64
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
[EMAIL PROTECTED] wrote:
> On 2007-06-13 02:58+0800, Thomas Lim wrote:
>> dear all
>
> Dear all, this is not a 0day, it is a public release of a responsibly
> disclosed vulnerability.
>
Yes, indeed it *seems* so:
http://www.microsoft.com/technet/sec
dear all,
thanks for this nice thread.
---
http://www.secgeeks.com
get a blog on SecGeeks :)
register here:-
http://secgeeks.com/user/register
rss feeds :-
http://secradar.com/node/feed
http://www.newskicks.com
Submit and kick for new stories from all around t
Dear all,
Gadi Evron is a brilliant genius, much smarter than Thomas Lim.
J
On Tue, 12 Jun 2007 16:21:56 -0400 [EMAIL PROTECTED] wrote:
>On 2007-06-13 02:58+0800, Thomas Lim wrote:
>>dear all
>
>Dear all, this is not a 0day, it is a public release of a
>responsibly
>disclosed vulnerability.
>
>
On 2007-06-13 02:58+0800, Thomas Lim wrote:
>dear all
Dear all, this is not a 0day, it is a public release of a responsibly
disclosed vulnerability.
Thank you for sharing your research,
Gadi.
>
>SChannel Off-By-One Heap Corruption
>===
>
>Discovery Date:
-Original Message-
From: Thomas Lim <[EMAIL PROTECTED]>
To: full-disclosure@lists.grok.org.uk ;
[EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Sent: Tue Jun 12 14:58:24 2007
Subject: Windows Oday release
dear all
SChannel Off-By-One Heap Corruption
==
dear all
SChannel Off-By-One Heap Corruption
===
Discovery Date:
28th August 2006
Date reported to Microsoft:
19th March 2007
Summary:
The Secure Channel (SChannel) library on WinXP-SP1/SP2 is vulnerable to
a off-by-one heap buffer overwrite. The SChannel library
12 matches
Mail list logo
