[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Re: openssh remote exploit

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: [Full-Disclosure] Re: openssh remote exploit
From: Richard Johnson <rdump@xxxxxxxxx>
Date: Wed, 17 Sep 2003 09:38:26 -0600

In article <3F6791B2.4080003@xxxxxxxxxxx>,
 Blue Boar <BlueBoar@xxxxxxxxxxx> wrote:

> Darren Reed wrote:
> > No.  Does a vulnerability need an exploit before it becomes a hole ?
> 
> A programming error needs to be exploitable before it can be conclusively 
> called a vulnerability or a hole.  One doesn't need to create an exploit 
> for it to be exploitable, but it rather nicely answers the question, 
> doesn't it?  It also often helps clarify what class of vulnerability it is.
> 
> None of which is news to you, you've been around a long time.  Are you 
> baiting trolls or what?

No, it's grinding of axes.  I think the blade on the one he's using is 
about gone, though.  Well, one can hope...

Richard

-- 
My mailbox. My property. My personal space. My rules. Deal with it.
                        http://www.river.com/users/share/cluetrain/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] openssh remote exploit
  - From: Darren Reed
- Re: [Full-Disclosure] openssh remote exploit
  - From: Blue Boar

Prev by Date: Re: [Full-Disclosure] Exploiting Multiple Flaws in Symantec Antivirus 2004 for Windows Mobile
Next by Date: Re: [Full-Disclosure] Lun_mountd.c vs mounty.c
Previous by thread: Re: [Full-Disclosure] openssh remote exploit
Next by thread: Re: [Full-Disclosure] openssh remote exploit
Index(es):
- Date
- Thread