[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows
- To: "Fredrick Diggle" <fdiggle@xxxxxxxxx>
- Subject: Re: [Full-disclosure] Dan Kaminsky Disclosure Methodology + Super Critical vulnerability disclosure in Windows
- From: coderman <coderman@xxxxxxxxx>
- Date: Fri, 25 Jul 2008 12:38:43 -0700
On Fri, Jul 25, 2008 at 11:37 AM, Fredrick Diggle <fdiggle@xxxxxxxxx> wrote:
> ... Fredrick Diggle security would like to
> disclose a critical vulnerability in the Windows IPv4 network stack.
> This vulnerability is trivially remotely exploitable and could doom
> the entire internets if disclosed prior to being patched...
you bastard; i asked you not to reverse I)ruid's hashes!!
also, confirmed this vuln on NeXTSTEP 2.0 through 3.3 and RISC/ULTRIX
all versions. however, last known security contact for these vendors
is bouncing mail. i think they've already been pwned ~_~;
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/