Bugtraq mailing list archives
Re: Internet Explorer 0day exploit
From: Chris Stromblad <cs () outpost24 com>
Date: Fri, 20 Jul 2007 10:22:32 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Zow Terry Brugger wrote:
ideal world. Many of the advisories I look at almost always cover the same type of vulnerability. Shouldn't we have learned by now, if we consider your argument?It's been a while, but one of the great things I've seen Bugtraq used for is to look at the distribution of vulnerabilities. In the past few years, my perception is that there's been a decline in the number of buffer overflow attacks and most of what we see today are web attacks like cross-site scripting and remote file injection. Seeing these trends is important because it tells us as a community where we need to focus our efforts.However, perhaps one/I just need to shift the way I look at advisories. Rather than seeing them as "late" and "out-of-date", they could be an additional source of information about a particular system. I'll accept that.That too. Let me tell you, if I ever need to set up a web forum for something, I'm going to look at Bugtraq to see what the track record is for the systems I'm considering.are almost at the verge of being completely void. A remedy for that would be to have the security community agree on a common "advisory protocol" that defines a guideline for contents in an advisory. Anyways,Great idea! Much like the RFP vendor notification policy (Which I haven't seen mentioned in a while, so I encourage everyone doing vulnerability research to see http://www.wiretrip.net/rfp/policy.html). Anyone care to propose a template (presumably if someone who the community respects does so, it's more likely to catch on)?
Yes, ideally if someone with a bit of community credibility could step up and propose a standard that certainly would kick start it a little bit. Another great benefit of such a template would be consistency in layout and contents. Also to improve the educational value of an advisory it would be neat if an appropriate code-segment of the vulnerability could be included. Now people will argue the whole intellectual property aspect but I seriously doubt that 3-5 lines of code are going to affect anything. Let's do something about this!
Terry import standard.disclaimer;
- -- Chris Stromblad (CEH) Head of Security Services Outpost24 UK 90 Long Acre Covent Garden London, WC2 E9RZ - ------------------------- Tel: +44 (0) 207 849 3097 Dir: +44 (0) 208 099 6595 Fax: +44 (0) 207 849 3140 - ------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.5 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGoHDI+CG0a/ZJxn8RAhHEAJ437PJf7shw7gmnivqncIXEF4dZbQCgpaTK 3zxJsLOTxwb+TffwDQYsO6U= =7uds -----END PGP SIGNATURE-----
Current thread:
- Internet Explorer 0day exploit Thor Larholm (Jul 10)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 13)
- Re: Internet Explorer 0day exploit Dragos Ruiu (Jul 14)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 17)
- Re: Internet Explorer 0day exploit Chris Stromblad (Jul 18)
- Re: Internet Explorer 0day exploit Zow (Jul 18)
- Re: Internet Explorer 0day exploit Chris Stromblad (Jul 20)
- Re: Internet Explorer 0day exploit Zow (Jul 19)
- Re: Internet Explorer 0day exploit Chris Stromblad (Jul 20)
- Re: Internet Explorer 0day exploit Chad Perrin (Jul 20)
- RE: Internet Explorer 0day exploit Ken Kousky (Jul 23)
- RE: Internet Explorer 0day exploit Hugo van der Kooij (Jul 24)
- RE: Internet Explorer 0day exploit Roger A. Grimes (Jul 24)
- Re: Internet Explorer 0day exploit Dragos Ruiu (Jul 14)
- Re: Internet Explorer 0day exploit Gadi Evron (Jul 13)
- Re: Internet Explorer 0day exploit Bigby Findrake (Jul 18)
- Re: Internet Explorer 0day exploit Chris Stromblad (Jul 20)
- Message not available
- Re: Internet Explorer 0day exploit Aaron Katz (Jul 23)
- Re: Internet Explorer 0day exploit Aaron Katz (Jul 23)
- <Possible follow-ups>
- Re: Re: Internet Explorer 0day exploit piercede (Jul 23)