[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
- To: "Thor (Hammer of God)" <thor@xxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
- From: Georgi Guninski <guninski@xxxxxxxxxxxx>
- Date: Sun, 13 Nov 2011 20:39:07 +0200
On Thu, Nov 10, 2011 at 05:47:07PM +0000, Thor (Hammer of God) wrote:
> So, I've looked about on the web to see what software of any consequence you
> have written, but I can't find any. Can you point me to anything that
> illustrates that you know how to develop wide scale software applications and
> execute an SDL plan, or do you just like to sit back and bitch about everyone
> else without actually doing anything? I'm serious - I'd really like to know.
> Over all these years, all I've ever seen from you is talk about how stupid
> everyone else is, but I've never once actually seen you do anything
> constructive.
>
> t
>
> -----Original Message-----
> From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
> [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Georgi
> Guninski
> Sent: Thursday, November 10, 2011 8:48 AM
> To: xD 0x41
> Cc: full-disclosure@xxxxxxxxxxxxxxxxx
> Subject: Re: [Full-disclosure] Microsoft Windows vulnerability in TCP/IP
> Could Allow Remote Code Execution (2588516)
>
> On Thu, Nov 10, 2011 at 08:46:44AM +1100, xD 0x41 wrote:
> > You could just google for IRC packs of win2k src ;) I know i have a
> > copy of it somewhere... acvtually tho, would not be helpful tho, as it
> > does not affect win2k.. so i guess there would be some code there but
> > not the code you want.
> >
> > @george
> > and, ideally if 'years' ago existed for this exploit but, it does only
> > affect v6 and up , this is tested.... so xp/2k/2k3 not affected...
> > still, i know people are using other ways anyhow , and thats just how
> > botting is... one way dies, one takes its place :s i guess we wait for
> > the rls of this.. maybe!
> >
> >
>
> as in real life, real bugs die (the imaginary case is not clear to me).
>
> i suppose "trustworthy computing" doesn't mean "not many bugs still alive".
>
> --
> j
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
You mad bro?
http://www.theregister.co.uk/2011/11/09/nov_patch_tuesday/
Patch Tuesday leaves Duqu 0-day for another day
"Trustworthy computing" is questionably alive and Duqu (including
future mutations) is completely alive.
On which one a sane better would bet?
--
j
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/