[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FD] Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow

To: "fulldisclosure@xxxxxxxxxxxx" <fulldisclosure@xxxxxxxxxxxx>
Subject: Re: [FD] Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow
From: "network.mp4 via Fulldisclosure" <fulldisclosure@xxxxxxxxxxxx>
Date: Wed, 13 Jan 2021 07:42:17 +0000

Matthew Fernandez <matthew.fernandez@xxxxxxxxx> at Fri, 8 Jan 2021 07:53:44 
-0800:
> How should we be treating the stream of malware vulnerabilities you’ve 
> reported recently? If something is malware, surely I want to remove it from 
> my machine anyway? I’m all for full disclosure, but I’m just trying to 
> understand if there’s anything actionable list members could do with this 
> information. Thank you for your work on this, which is quite interesting to 
> follow by the way.
I personally think that those malware vulnerabilities are a great way to detect 
malware, however, they may be used a lot to infect vulnerable computers with 
even more malware. But it's still a backdoor and those are great for education 
about how such backdoors can be prevented, as list subscribers can see what 
mistakes did the programmer do and what mistakes they should not make.

Regards!

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: Re: [FD] Backdoor.Win32.Xtreme.yvp / Insecure Permissions EoP
Next by Date: Re: [FD] Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability
Previous by thread: Re: [FD] Backdoor.Win32.NinjaSpy.c / Remote Stack Buffer Overflow
Next by thread: [FD] Open-Xchange Security Advisory 2021-01-07
Index(es):
- Date
- Thread