[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Secunia PSI (RC3) - memory corruption condition



Hi,

Thank you for the report.

Based on the provided information, this is not a security issue (as
securityfocus wrongfully hasted to conclude), but rather a bug (in an ancient
release candidate).

If you have any further details, please send those to
security@xxxxxxxxxxxx

-- 
Kind regards,

Thomas Kristensen
CTO

Secunia 
Weidekampsgade 14A
DK-2300 Copenhagen S
Denmark

Phone:  +45 7020 5144
Fax:    +45 7020 5145

Looking for a vulnerability research and reversing job?
http://secunia.com/corporate/jobs/open_positions/


On Wed, 2009-09-02 at 21:15 +0200, exploit dev wrote:
> Hi 
> I have detect, in some circumstance, a memory corruption issue in
> Secunia PSI (release candidate 3). 
> The vendor was contacted without response.
> 
> ...I know that this kind of issues in release candidate are not so
> rare but if you are interested check:
> 
> http://extraexploit.blogspot.com/2009/09/secunia-psi-rc3-undefined-memory.html
> 
> 
> Regards
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/