[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!

To: Valdis.Kletnieks@vt.edu
Subject: Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
From: "Kenneth R. van Wyk" <Ken@KRvW.com>
Date: Wed, 11 Feb 2004 11:58:10 -0500

Valdis.Kletnieks@vt.edu wrote:

Remember - if the exploit works, you have a problem. Failure of the exploit to work does NOT mean you don't have a problem - somebody with a different version that has a critical offset set to 4 more or less may make swiss cheese of your network.

Yes, excellent point. Phrased somewhat differently, software testing only detects the presence of a problem, not the absence of one. I believe that that subtle but oh-so-important point is not understood far too often.

Cheers,

Ken van Wyk
--
KRvW Associates, LLC
CERT® Certified Computer Security Incident Handler
http://www.KRvW.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
  - From: <dotsecure@hushmail.com>
- Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
  - From: "morning_wood" <se_cur_ity@hotmail.com>
- Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
  - From: Valdis.Kletnieks@vt.edu

Prev by Date: Re: [Full-Disclosure] Re: Re: DoomJuice.A, Mydoom.A source code
Next by Date: [Full-Disclosure] SGI Advanced Linux Environment security update #10
Previous by thread: Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
Next by thread: Re: [Full-Disclosure] Another Low Blow From Microsoft: MBSA Failure!
Index(es):
- Date
- Thread