[Framework]What's happening?

[hdm at metasploit.com (H D Moore)]

The calm before the storm. The dev staff has been busy with side projects 
and conference preparation for the last few weeks, expect some new code 
and definitely new exploits in the near future. 

The sendmail bug is exploitable, but not reliable, and takes a full two 
hours to trigger in a default configuration. I don' t find this bug that 
interesting or worth the effort, but feel free to submit an exploit 
module if you get it working.

Some recent side projects include:
- http://browserfun.blogspot.com/
- http://metasploit.com/research/misc/decloak/
- http://metasploit.com/research/misc/mwsearch/

-HD

PS. I unsubscribed Bryan Foster from the list - anyone who forgets to 
disable their out of office replies to a security mailing list is kind of 
asking for it :-)

On Wednesday 19 July 2006 20:16, Dane Krapchev wrote:
> I'm lurking your maillist for quite a while now and couldn't help
> notice there aren't any new posts? What happened? Do you guy work on
> something new?
>
> Also I'm just curious, there was a huge fuss about that sendmail
> vulnerability, is it indeed possible to exploit that bug or it was
> nothing but smoke? Will someone take the challenge?