Bugtraq mailing list archives
Re: [HERT] Advisory #002 Buffer overflow in lsof
From: route () RESENTMENT INFONEXUS COM (route () RESENTMENT INFONEXUS COM)
Date: Thu, 18 Feb 1999 16:46:17 -0800
[Gene Spafford wrote] | | People who publish bugs/exploits that are not being actively exploited | *before* giving the vendor a chance to fix the flaws are clearly | grandstanding. They're part of the problem -- not the solution. | Who is to say the vulnerability in question was NOT being exploited prior to release? Odds are it was. Bugtraq is a full-diclosure list. The `problem` as you succinctly put it is in *non-disclosure*. While it is still questionable whether or not the original posters found the bug themselves (the advisory lacked any technical detail) calling them part of the problem is a misfire of your disdain (attacking them on the content of the advisory --or lack thereof-- is a much better call). The problem, in this case, would be the malevolent individual(s) breaking into your machine exploiting this bug (before or after it was disclosed). Don't shoot the messenger. -- I live a world of paradox... My willingness to destroy is your chance for improvement, my hate is your faith -- my failure is your victory, a victory that won't last.
Current thread:
- Re: [HERT] Advisory #002 Buffer overflow in lsof, (continued)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Theo de Raadt (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Gene Spafford (Feb 18)
- IE0199.exe uninstaller David Brumley (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Weld Pond (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Valdis.Kletnieks () VT EDU (Feb 19)
- Plaintext Password in Tractive's Remote Manager Software Trevor Gryffyn (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Peter W (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof John DiMarco (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof brian j pardy (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Greg Woods (Feb 19)
- Re: [HERT] Advisory #002 Buffer overflow in lsof route () RESENTMENT INFONEXUS COM (Feb 18)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Fred W. Noltie Jr. (Feb 19)
- Call to politeness (Re: [HERT] Advisory #002 Buffer overflow in alecm (Feb 19)
- pine 4.10 patches (similar to 4.05) GvS (Feb 20)
- Re: [HERT] Advisory #002 Buffer overflow in lsof M.C.Mar (Feb 20)
- full disclosure and vendor education Antonomasia (Feb 20)
- Re: [HERT] Advisory #002 Buffer overflow in lsof Lamont Granquist (Feb 18)