Next Page >>
Original Message
> you know why!
>
> Systems Administrator
> Virginia Tech
>
> -----Original Message-----
> From: Larry Seltzer [mailto:larry@larryseltzer.com]
> Sent: Wednesday, September 16, 2009 5:03 PM
> To: Susan Bradley; Thor (Hammer of God)
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: RE: [Full-disclosure] 3rd party patch for XP for MS09-048?
> you know why!
>
> Systems Administrator
> Virginia Tech
>
> -----Original Message-----
> From: Larry Seltzer [mailto:larry@larryseltzer.com]
> Sent: Wednesday, September 16, 2009 5:03 PM
> To: Susan Bradley; Thor (Hammer of God)
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: RE: [Full-disclosure] 3rd party patch for XP for MS09-048?
you know why!
Systems Administrator
Virginia Tech
-----Original Message-----
From: Larry Seltzer [mailto:larry@larryseltzer.com]
Sent: Wednesday, September 16, 2009 5:03 PM
To: Susan Bradley; Thor (Hammer of God)
Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Subject: RE: [Full-disclosure] 3rd party patch for XP for MS09-048?
>>> you know why!
>>>
>>> Systems Administrator
>>> Virginia Tech
>>>
>>> -----Original Message-----
>>> From: Larry Seltzer [mailto:larry@larryseltzer.com] Sent: Wednesday,
>>> September 16, 2009 5:03 PM
>>> To: Susan Bradley; Thor (Hammer of God)
>>> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
>>> Subject: RE: [Full-disclosure] 3rd party patch for XP for MS09-048?
--
Abe Getchell
me@abegetchell.com
https://abegetchell.com/
> -----Original Message-----
> From: Jim Harrison [mailto:Jim@isatools.org]
> Sent: Sunday, July 20, 2008 4:33 PM
> To: 'me@abegetchell.com'; 'Thor (Hammer of God)'; 'Johan Beisser'
> Cc: bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
Contributing Editor, PC Magazine
larry_seltzer@ziffdavis.com
http://blogs.pcmag.com/securitywatch/
-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of Susan
Bradley
Sent: Wednesday, September 16, 2009 2:26 PM
To: Thor (Hammer of God)
If someone can demonstrate an actual vulnerability or exploit on the basis of this bug _alone_, then they may have something to make noise about. There are enough real bugs and security vulns in software to deal with. Not every security issue spells doom and damnation or warrants immediate corrective response from the vendor.
Jim
-----Original Message-----
From: Abe Getchell [mailto:me@abegetchell.com]
Sent: Sunday, July 20, 2008 12:32 PM
To: 'Thor (Hammer of God)'; Jim Harrison; 'Johan Beisser'
Cc: bugtraq@securityfocus.com
Subject: RE: Windows Vista Power Management & Local Security Policy
t
> -----Original Message-----
> From: Larry Seltzer [mailto:larry@larryseltzer.com]
> Sent: Wednesday, September 16, 2009 8:21 AM
> To: Thor (Hammer of God); Eric C. Lukens; bugtraq@securityfocus.com
> Cc: full-disclosure@lists.grok.org.uk
> Subject: RE: [Full-disclosure] 3rd party patch for XP for MS09-048?
> 2) Think things through. If you are going to try to boot sales of Win7 to corporate customers by providing free XP VM technology and thus play up how important XP is and how many companies still depend upon it for business critical application compatibility, don't deploy that technology in an other-than-default configuration that is subject to a DoS exploit while downplaying the extent that the exploit may be leveraged by saying that a "typical" default configuration mitigates it while choosing not to ever patch it. Seems like simple logic points to me.
>
> t
>
>
>> -----Original Message-----
>> From: Susan Bradley [mailto:sbradcpa@pacbell.net]
>> Sent: Wednesday, September 16, 2009 10:16 AM
>> To: Thor (Hammer of God)
>> Cc: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
>> Subject: Re: [Full-disclosure] 3rd party patch for XP for MS09-048?
--
Abe Getchell
me@abegetchell.com
https://abegetchell.com/
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
> Sent: Saturday, July 19, 2008 6:20 PM
> To: me@abegetchell.com; Jim Harrison; bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
>
2) Think things through. If you are going to try to boot sales of Win7 to corporate customers by providing free XP VM technology and thus play up how important XP is and how many companies still depend upon it for business critical application compatibility, don't deploy that technology in an other-than-default configuration that is subject to a DoS exploit while downplaying the extent that the exploit may be leveraged by saying that a "typical" default configuration mitigates it while choosing not to ever patch it. Seems like simple logic points to me.
t
> -----Original Message-----
> From: Susan Bradley [mailto:sbradcpa@pacbell.net]
> Sent: Wednesday, September 16, 2009 10:16 AM
> To: Thor (Hammer of God)
> Cc: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
> Subject: Re: [Full-disclosure] 3rd party patch for XP for MS09-048?
Kurt Dillard
-----Original Message-----
From: kattrap@gmail.com [mailto:kattrap@gmail.com] On Behalf Of Andrea Lee
Sent: Monday, December 13, 2010 2:12 PM
To: Thor (Hammer of God)
Cc: George Carlson; bugtraq@securityfocus.com;
full-disclosure@lists.grok.org.uk
*http://www.amazon.com/Windows-Vista-Security-Securing-Malicious/dp/0470
101555
*****************************************************************
-----Original Message-----
From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
Sent: Friday, November 02, 2007 1:19 AM
To: Roger A. Grimes; bugtraq@securityfocus.com;
full-disclosure@lists.grok.org.uk
Cc: Alex Eckelberry; Gadi Evron
>
> Thanks,
> Mitja
>
>
>> -----Original Message-----
>> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
>> Sent: Thursday, June 02, 2011 6:00 PM
>> To: security@acrossecurity.com; 'Dan Kaminsky'
>> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
>> Subject: RE: [Full-disclosure] COM Server-Based Binary
Contributing Editor, PC Magazine
larry_seltzer@ziffdavis.com
http://blogs.pcmag.com/securitywatch/
-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk
[mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of Thor
(Hammer of God)
Sent: Wednesday, September 16, 2009 11:00 AM
To: Eric C. Lukens; bugtraq@securityfocus.com
complete and accurate information should be made available to the
public.
t
> -----Original Message-----
> From: Craig Wright [mailto:Craig.Wright@bdo.com.au]
> Sent: Wednesday, June 18, 2008 2:43 PM
> To: Thor (Hammer of God); security-basics@lists.securityfocus.com;
> bugtraq@securityfocus.com
> Subject: RE: A more detailed description of the Jura F90
>-----Original Message-----
>From: kattrap@gmail.com [mailto:kattrap@gmail.com] On Behalf Of Andrea
>Lee
>Sent: Monday, December 13, 2010 9:12 AM
>To: Thor (Hammer of God)
>Cc: George Carlson; bugtraq@securityfocus.com; full-
>disclosure@lists.grok.org.uk
>Subject: Re: [Full-disclosure] Flaw in Microsoft Domain Account Caching Allows
>Local Workstation Admins to Temporarily Escalate Privileges and Login as
>Cached Domain Admin Accounts (2010-M$-002)
If users around the world still visit sites to download the storm worm, is it unreasonable to assume that they may execute a rdp or citrix file?
-Alex
-----Original Message-----
From: gjgowey@tmo.blackberry.net [mailto:gjgowey@tmo.blackberry.net]
Sent: Thursday, October 11, 2007 8:28 AM
To: pdp (architect); Thor (Hammer of God)
Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Subject: Re: [Full-disclosure] Remote Desktop Command Fixation Attacks
I get the whole "XP code to too old to care" bit, but it seems odd to take that "old code" and re-market it around compatibility and re-distribute it with free downloads for Win7 while saying "we won't patch old code."
t
> -----Original Message-----
> From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-
> disclosure-bounces@lists.grok.org.uk] On Behalf Of Thor (Hammer of God)
> Sent: Wednesday, September 16, 2009 8:00 AM
> To: Eric C. Lukens; bugtraq@securityfocus.com
> Cc: full-disclosure@lists.grok.org.uk
a security threat, it's simply the OS acting like it should :)
Regards,
Jeroen
-----Original Message-----
From: Andrew Barkley <barkley@usa.net>
To: Jeroen <nowhereman@moenen.org>
Subject: Re: Circumventing Critical Security in Windows XP
Date: Sat, 20 Feb 2010 04:20:46 -0000
> I get the whole "XP code to too old to care" bit, but it seems odd to take that "old code" and re-market it around compatibility and re-distribute it with free downloads for Win7 while saying "we won't patch old code."
>
> t
>
>
>> -----Original Message-----
>> From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-
>> disclosure-bounces@lists.grok.org.uk] On Behalf Of Thor (Hammer of God)
>> Sent: Wednesday, September 16, 2009 8:00 AM
>> To: Eric C. Lukens; bugtraq@securityfocus.com
>> Cc: full-disclosure@lists.grok.org.uk
t
> -----Original Message-----
> From: Abe Getchell [mailto:me@abegetchell.com]
> Sent: Saturday, July 19, 2008 12:33 AM
> To: 'Jim Harrison'; bugtraq@securityfocus.com
> Subject: RE: Windows Vista Power Management & Local Security Policy
>
Thanks,
Mitja
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
> Sent: Thursday, June 02, 2011 6:00 PM
> To: security@acrossecurity.com; 'Dan Kaminsky'
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: RE: [Full-disclosure] COM Server-Based Binary
> Kurt Dillard
>
>
>
>
> -----Original Message-----
> From: kattrap@gmail.com [mailto:kattrap@gmail.com] On Behalf Of Andrea Lee
> Sent: Monday, December 13, 2010 2:12 PM
> To: Thor (Hammer of God)
> Cc: George Carlson; bugtraq@securityfocus.com;
> full-disclosure@lists.grok.org.uk
>>
>> Thanks,
>> Mitja
>>
>>
>>> -----Original Message-----
>>> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
>>> Sent: Thursday, June 02, 2011 6:00 PM
>>> To: security@acrossecurity.com; 'Dan Kaminsky'
>>> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
>>> Subject: RE: [Full-disclosure] COM Server-Based Binary
Thanks,
Mitja
> -----Original Message-----
> From: Thor (Hammer of God) [mailto:thor@hammerofgod.com]
> Sent: Thursday, June 02, 2011 6:00 PM
> To: security@acrossecurity.com; 'Dan Kaminsky'
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
> Subject: RE: [Full-disclosure] COM Server-Based Binary
</rant>
Ryan Sears
----- Original Message -----
From: "dan j rosenberg" <dan.j.rosenberg@gmail.com>
To: "Cal Leeming [Simplicity Media Ltd]" <cal.leeming@simplicitymedialtd.co.uk>, full-disclosure-bounces@lists.grok.org.uk, "Ariel Biener" <ariel@post.tau.ac.il>
Cc: "leandro lista" <leandro_lista@portari.com.br>, firebits@backtrack.com.br, bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk
Sent: Monday, December 13, 2010 4:08:05 PM GMT -05:00 US/Canada Eastern
Subject: Re: [Full-disclosure] Linux kernel exploit
But it *is* worth mentioning that you have to create the malicious dll file, copy it to the system, create folders etc, and all the other mumbo jumbo to "exploit" this in the "default configuration." So, the answer to Dan's question is actually, "no, you can't." Which brings into question the actual "worth" of mentioning this in the first place. :)
t
> -----Original Message-----
> From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-
> bounces@lists.grok.org.uk] On Behalf Of ACROS Security Lists
> Sent: Thursday, June 02, 2011 8:42 AM
> To: 'Dan Kaminsky'; security@acrossecurity.com
> Cc: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
----- Original Message -----
From: "Jeremiah Gowdy" <Jeremiah.Gowdy@freedomvoice.com>
To: "MustLive" <mustlive@websecurity.com.ua>; <bugtraq@securityfocus.com>
Sent: Monday, July 20, 2009 10:16 PM
Subject: RE: DoS vulnerabilities in Firefox, Internet Explorer, Opera and
Chrome
Cheers,
Mitja
> -----Original Message-----
> From: full-disclosure-bounces@lists.grok.org.uk
> [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf
> Of Thor (Hammer of God)
> Sent: Thursday, September 15, 2011 10:59 PM
> To: security@acrossecurity.com; 'ChristianSciberras'
Next Page>>
|
