[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept

To: "user1" <user1@xxxxx>
Subject: Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
From: advisory@xxxxxxxxxxx
Date: Fri, 7 Oct 2005 15:34:38 -0700 (PDT)

?We will patch you even if you want it or not ? :D?
 First and foremost, This POC was designed for use network administrators
on their own network. We never intended this to be converted into a bot
and spread. I can?t see how a bot that systematically disables its
victims would spread that well anyway. We are attempting to facilitate
the previously tedious job of patching multiple machines on a given
network. Only those with malicious intent should find annoyance in this
advisory.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
  - From: advisory
- Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
  - From: user1

Prev by Date: [Full-disclosure] MDKSA-2005:177 - Updated hylafax packages fix temporary file vulnerability
Next by Date: RE: [Full-disclosure] Interesting idea for a covert channel or I justdidn't research enough?
Previous by thread: Re: [Full-disclosure] MailEnable W3C Logging Remote Buffer Overflow Proof of Concept
Next by thread: [Full-disclosure] [SECURITY] [DSA 846-1] New cpio packages fix several vulnerabilities
Index(es):
- Date
- Thread