Full Disclosure mailing list archives
Re: no more public exploits
From: "Felipe Cerqueira - skylazart" <skylazart () core cx>
Date: Wed, 28 Apr 2004 09:33:33 -0300 (BRT)
I Agree!!!! And, if you want check service packs or patchs, all you need is try to crash it... Security companies are getting too much money with our "toys".
Heres my two cents :-/ Exploit code is better kept private. Advisories should be public. Why? Because exploit code is not easy to write depending on the bug. And I for one sure dont want some 'penetration tester' taking my code and plugging it into his automated scanner and collecting the cash. Im far to greedy to watch that happen. Sorry. NON-Disclosure of Exploit code. Full-Disclosure of Advisories. As far as the discussion of sysadmins patching on time or not. All I will say is this . . . if they did patch on time there wouldnt be a www.zone-h.org. - borg (ChrisR-) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- skylazart [at] core.cx _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: no more public exploits, (continued)
- Re: no more public exploits Yabby (Apr 27)
- Detecting newly added Windows Services (was: no more public exploits) Marcel Krause (Apr 28)
- Re: no more public exploits Yabby (Apr 27)
- RE: no more public exploits Douglas Carvalho (Apr 27)
- RE: no more public exploits Ng, Kenneth (US) (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- Re: no more public exploits nicolas vigier (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- Re: no more public exploits Dave Aitel (Apr 27)
- RE: no more public exploits Ng, Kenneth (US) (Apr 27)
- Re: no more public exploits chris (Apr 27)
- Re: no more public exploits james (Apr 27)
- Re: no more public exploits Felipe Cerqueira - skylazart (Apr 28)
- Re: no more public exploits gcb33 (Apr 28)
- Re: no more public exploits Evgeny Demidov (Apr 28)
- RE: no more public exploits xavier.poli (Apr 28)
- Re: no more public exploits Evgeny Demidov (Apr 28)
- RE: no more public exploits xavier.poli (Apr 28)
- no more public exploits Helmut Hauser (Apr 29)