RE: [Full-Disclosure] Re: Second critical mremap() bug found in all Linux kernels

From: Replugge[ROD] (packet_at_vtr.net)
Date: 02/18/04

  • Next message: Leif Sawyer: "[Full-Disclosure] Silent Fixes (was GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution)"
    To: "'Chris Anley'" <chris@ngssoftware.com>
    Date: Wed, 18 Feb 2004 17:50:39 -0300
    
    

     Ofcourse, but leave that option to the person that is posting his research
    or PoC ploits to the list,
    It isn't very religious to tell him what to do in the "full-disclosure"
    mailing list, the freedom to post
    is the very Spirit of this mailing list.

    Regards

    Rod.-

    -----Mensaje original-----
    De: full-disclosure-admin@lists.netsys.com
    [mailto:full-disclosure-admin@lists.netsys.com] En nombre de Chris Anley
    Enviado el: Miércoles, 18 de Febrero de 2004 16:08
    Para: Replugge[ROD]
    CC: 'Paul Starzetz'; 'Christophe Devine'; full-disclosure@lists.netsys.com
    Asunto: RE: [Full-Disclosure] Re: Second critical mremap() bug found in all
    Linux kernels

    Full doesn't necessarily mean immediate.

    <...ducks for cover...>

         -chris.

    On Wed, 18 Feb 2004, Replugge[ROD] wrote:

    > Isn't this the "full disclosure" mailing list?
    >
    > -----Mensaje original-----
    > De: full-disclosure-admin@lists.netsys.com
    > [mailto:full-disclosure-admin@lists.netsys.com] En nombre de Paul
    > Starzetz Enviado el: Miércoles, 18 de Febrero de 2004 11:52
    > Para: Christophe Devine
    > CC: full-disclosure@lists.netsys.com
    > Asunto: Re: [Full-Disclosure] Re: Second critical mremap() bug found
    > in all Linux kernels
    >
    > On Wed, 18 Feb 2004, Christophe Devine wrote:
    >
    > >This PoC exploit can be used to check if a Linux system is vulnerable
    > >to the second do_mremap() bug; the code has only been tested on Linux
    > >version 2.4.22 so far
    >
    > please do not post any exploit code(s) before a proper grace period.
    >
    > --
    > Paul Starzetz
    > iSEC Security Research
    > http://isec.pl/
    >
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >
    > _______________________________________________
    > Full-Disclosure - We believe in it.
    > Charter: http://lists.netsys.com/full-disclosure-charter.html
    >
    >

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Leif Sawyer: "[Full-Disclosure] Silent Fixes (was GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution)"