Full Disclosure mailing list archives

Re: Expired certificate

From: Leif Nixon <nixon () nsc liu se>
Date: Tue, 31 Aug 2010 15:29:58 +0200

"Elazar Broad" <elazar () hushmail com> writes:

<snip>
Can't you? The world is full of unpatched systems. You can even find
systems where patches are not installed because it is running a
piece of
mission critical software and they would lose support if they
installed
any patches (I am not making this up).
</snip>

Spot on. I know of one large accounting/ERP system(which shall
remain nameless, though I am sure there are those out there who
have come across it) that checked the SQL version, including the
revision number at runtime, which made patching SQL impossible.


Or Gaussian:

  http://gaussian.com/g09_plat.htm

  "The Linux RedHat and SuSE versions specified for IA32, IA64 and
  EM64T/Operton systems refer only to the unmodified, unpatched original
  media/ISO image distributions as released by the vendor."

-- 
                               / Swedish National Infrastructure for Computing
Leif Nixon - Security officer <  National Supercomputer Centre
                               \ Nordic Data Grid Facility

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: Expired certificate Pavel Kankovsky (Aug 01)
- <Possible follow-ups>
- Re: Expired certificate Elazar Broad (Aug 02)
  - Re: Expired certificate Paul Schmehl (Aug 04)
    - Re: Expired certificate Marsh Ray (Aug 04)
    - Re: Expired certificate Charles Morris (Aug 04)
  - Re: Expired certificate Leif Nixon (Aug 31)