Vulnerability Development mailing list archives
RE: Apache Worm?
From: hellNbak <hellnbak () nmrc org>
Date: Wed, 19 Jun 2002 15:46:47 -0400 (EDT)
Correct, reporting a vulnerability is the right thing to do, we are in raging agreement. But purposely *NOT* contacting the vendors involved because for some stupid immature reason your "don't trust them" and then doing a press release on the vulnerability is not the right thing to do. Its not always as simple as black and white. On Wed, 19 Jun 2002 sanjay.patel () rexwire com wrote:
Date: Wed, 19 Jun 2002 13:56:42 -0400 From: sanjay.patel () rexwire com To: hellnbak () nmrc org Cc: vuln-dev () securityfocus com Subject: RE: Apache Worm? Reporting a vulnerability is the right think to do. How do you know that the blackhats did not already know of this hole. -----Original Message----- From: hellNbak [mailto:hellnbak () nmrc org] Sent: Wednesday, June 19, 2002 11:55 AM To: Doesnt Matter Cc: vuln-dev () securityfocus com Subject: Re: Apache Worm? Yeah this could be used in a worm. You can all thank ISS for exposing all you non-ISS customers. Quick pay their extortion fees....errr buy their software you you too can be protected from the so called "untrustworthy" open source vendors.......... Thanks ISS! bah... On Wed, 19 Jun 2002, Doesnt Matter wrote:Date: Wed, 19 Jun 2002 07:09:35 +0800 From: Doesnt Matter <ackstorm () hackermail com> To: vuln-dev () securityfocus com Subject: Apache Worm? what would be the likely hood a cracker could turn this into a internet worm, and what would the possible destruction be? I'm aware still over 50% of the webservers are running apache, but the diffrent distros might cause somewhat of a problem. would it not? ~ack
-- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- "I don't intend to offend, I offend with my intent" hellNbak () nmrc org http://www.nmrc.org/~hellnbak -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Current thread:
- Apache Worm? Doesnt Matter (Jun 19)
- Re: Apache Worm? Replugge[ROD] (Jun 19)
- Re: Apache Worm? Steve Bremer (Jun 19)
- Re: Apache Worm? hellNbak (Jun 19)
- Re: Apache Worm? qobaiashi (Jun 19)
- <Possible follow-ups>
- RE: Apache Worm? Thor Larholm (Jun 19)
- RE: Apache Worm? Horner, Jonathan J. (JH8) (Jun 19)
- RE: Apache Worm? hellNbak (Jun 19)
- Re: Apache Worm? Raistlin (Jun 21)
- Re: Apache Worm? Blue Boar (Jun 21)
- Re: Apache Worm? Raistlin (Jun 21)