[Full-Disclosure] remote kernel exploits?

From: Azerail (Azerail@supersecretninjaskills.com)
Date: 09/08/02


From: Azerail <Azerail@supersecretninjaskills.com> (Azerail)
Date: Sun, 8 Sep 2002 05:25:22 -0700

My thoughts in-line...

On Sun, 08 Sep 2002, andy_mn@hushmail.com wrote:

> - - I have not seen any incident reports on Incidents, or any other
> mailing list for that matter.

If it's a private exploit, in the hands of one or two people, there
may be a vested interest in not reporting it.

> - - You'd think several high profile sites would've been attacked already
> with such devastating exploits, but I've seen no reports of this. In
> fact, if the kids really did have such an exploit, you'd think they'd
> tag their h4ndl3z all over high profile sites. But according to Alldas,
> high profile defacements have been virtually nonexistent in the last
> year or so.

Not if they are being sneaky and lying low. A wise decision given
today's political climate.

> - - Given the skill required to craft such an exploit, I'd think it
> would be way out of the grasp of the kids. Since no researcher has
> come forth with such a vulnerability, it's logical to conclude that
> this does not exist.

Not everyone who crafts an exploit is neccessarly a researcher or a
kid.

Anyway, just my thoughts, no basis whatsoever, just based on the
availible information.

Azerail

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management
and tracking system please see: http://aris.securityfocus.com