On Mon, 22 Sep 2003 12:06:03 +0200, Michal Zalewski said: > ...why would there be any exploits in the wild if they have > indeed discovered the flaw on their own? Though I'm trying > really hard, I can't read "we discovered a flaw" as "we have > overheard about a flaw" or "we are aware of a flaw". Charles Darwin and Alfred Wallace independently came up with the concept of natural selection. Remember - it's open source, it isn't like the ISS X-Force guys sprinkled magic exploit dust on a printout and the flaw was revealed to them alone. More likely, they found the bug, and then realized that if they could find it, a black hat with an unpublished exploit could have found it too.
Attachment:
pgp00059.pgp
Description: PGP signature