Full Disclosure mailing list archives
Symantec Buys SecurityFocus, among others....
From: full-disclosure () lists netsys com (James Martin)
Date: Fri, 19 Jul 2002 14:46:02 +0100
Release exploits with the vaguest of descriptions as to how they work (lost for examples -- just copy'n'paste the "technical bits" of some of the security bulletins from MS...). Have the _only_ PoC code a compiled binary loaded with copyright notices forbidding reversing, etc. Be sure to use some "encryption" (extremely trivial is OK as complexity doesn't matter; can you say XOR?) in the PoC to "protect" the important secret (generally the overflow "string" itself). Be
Ummm surely just sniffing the exploit string being sent, will reveal the string itself in 99% of cases (remote exploits that is). Is watching the data a program sends across a network reverse engineering?? Regards James
Current thread:
- Symantec Buys SecurityFocus, among others.... full-disclosure () lists netsys com (Jul 17)
- Symantec Buys SecurityFocus, among others.... Charles 'core' Stevenson (Jul 17)
- Symantec Buys SecurityFocus, among others.... Steve (Jul 17)
- Message not available
- Symantec Buys SecurityFocus, among others.... martin f krafft (Jul 18)
- Symantec Buys SecurityFocus, among others.... Steve (Jul 17)
- Symantec Buys SecurityFocus, among others.... Charles 'core' Stevenson (Jul 17)
- <Possible follow-ups>
- Symantec Buys SecurityFocus, among others.... Charles 'core' Stevenson (Jul 18)
- Symantec Buys SecurityFocus, among others.... Sean Kelly (Jul 18)
- Symantec Buys SecurityFocus, among others.... Blue Boar (Jul 18)
- Symantec Buys SecurityFocus, among others.... James Martin (Jul 19)
- Symantec Buys SecurityFocus, among others.... Sean Kelly (Jul 18)
- Symantec Buys SecurityFocus, among others.... Mark Earnest (Jul 18)
- Symantec Buys SecurityFocus, among others.... martin f krafft (Jul 18)
- Symantec Buys SecurityFocus, among others.... martin f krafft (Jul 18)
- Symantec Buys SecurityFocus, among others.... full-disclosure () lists netsys com (Jul 18)
- Symantec Buys SecurityFocus, among others.... martin f krafft (Jul 23)