Bugtraq mailing list archives

Re: Full Disclosure works, here's proof:

From: ccshag () cclabs missouri edu (Paul 'Shag' Walmsley)
Date: Sun, 4 Dec 1994 17:53:15 -0600 (CST)


On Sun, 4 Dec 1994, Karl Strickland wrote:

One important point is, if you dont know what the hole is, you cant be sure
its fixed.  Some people are more reluctant to take these things on trust,
after seeing what happened with Sun's binmail patches.


A good example of this is SGI's '/usr/sbin/printers' patch for IRIX 5.2.  
That patch was out for several months before it was discovered that the 
same flaw in printers also existed in SGI's visual login program!  

If full details of what this patch patched were propagated along with the 
patch, I believe that this problem would have been discovered much sooner.


- Paul "Shag" Walmsley <ccshag () everest cclabs missouri edu>
  "The only difference between myself and a madman is that I am not mad."
       - Salvador Dali

Current thread:

Re: /dev/tcp, and a LD_LIBRARY_PATH question., (continued)
- - - Re: /dev/tcp, and a LD_LIBRARY_PATH question. Robert M. Haas (Dec 03)
  - full disclosure list clarification Pete Hartman (Dec 02)
- pt_chmod carson () lehman com (Dec 02)
  - Re: pt_chmod Karl Strickland (Dec 02)
  - mktemp.. *Hobbit* (Dec 02)
- bugtraq list problems (resolved?) Admin/Support (Dec 02)
- full-disclosure list Pete Hartman (Dec 02)
- Re: Full Disclosure works, here's proof: Christopher Klaus (Dec 03)
- Re: Full Disclosure works, here's proof: Bela Lubkin (Dec 03)
  - Re: Full Disclosure works, here's proof: Karl Strickland (Dec 04)
    - Re: Full Disclosure works, here's proof: Paul 'Shag' Walmsley (Dec 04)
  - Re: Full Disclosure works, here's proof: Christopher Klaus (Dec 04)
- Re: Full Disclosure works, here's proof: Bela Lubkin (Dec 04)
  - Re: Full Disclosure works, here's proof: Karl Strickland (Dec 04)
- Re: Full Disclosure works, here's proof: smb () research att com (Dec 05)
- Re: Full Disclosure works, here's proof: Randy Bias (Dec 05)