[Full-Disclosure] THCIISSLame exploit
From: Feher Tamas (etomcat_at_freemail.hu)
Date: 04/22/04
- Previous message: SGI Security Coordinator: "SGI Advanced Linux Environment security update #18"
- Next in thread: Hugh Mann: "RE: [Full-Disclosure] THCIISSLame exploit"
- Maybe reply: Hugh Mann: "RE: [Full-Disclosure] THCIISSLame exploit"
- Maybe reply: Brad Griffin: "RE: [Full-Disclosure] THCIISSLame exploit"
- Reply: Sebastian Krahmer: "Re: [Full-Disclosure] THCIISSLame exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Thu, 22 Apr 2004 17:10:36 +0200 (CEST)
Hello,
>THC is a hacker group, not a cracker group.
Publishing root exploit source code is free speech and is protected.
Publishing the binary is VX-ing and is criminal. That is very clear.
BTW, AV software only alert on binaries. AV firm research labs refuse to
investigate malware in source code format, even if you send them a
sample of a brand new one.
To share knowledge with security researchers does not require
releasing binary executables, professional testers can compile the
source code for themselves. Avoid releasing binaries and you will not
have problems with the authorities.
Regards, Tamas Feher.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: SGI Security Coordinator: "SGI Advanced Linux Environment security update #18"
- Next in thread: Hugh Mann: "RE: [Full-Disclosure] THCIISSLame exploit"
- Maybe reply: Hugh Mann: "RE: [Full-Disclosure] THCIISSLame exploit"
- Maybe reply: Brad Griffin: "RE: [Full-Disclosure] THCIISSLame exploit"
- Reply: Sebastian Krahmer: "Re: [Full-Disclosure] THCIISSLame exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
