Re: [Full-Disclosure] THCIISSLame exploit

From: Sebastian Krahmer (krahmer_at_suse.de)
Date: 04/23/04

  • Next message: K sPecial: "[Full-Disclosure] Perl code exploiting TCP window vuln."
    To: Feher Tamas <etomcat@freemail.hu>
    Date: Fri, 23 Apr 2004 11:22:12 +0200 (CEST)
    
    

    On Thu, 22 Apr 2004, Feher Tamas wrote:

    > Hello,
    >
    > >THC is a hacker group, not a cracker group.
    >
    > Publishing root exploit source code is free speech and is protected.
    >
    > Publishing the binary is VX-ing and is criminal. That is very clear.
    Wheres the V in "exploit"? Its maybe EXing...

    >
    > BTW, AV software only alert on binaries. AV firm research labs refuse to
    > investigate malware in source code format, even if you send them a
    > sample of a brand new one.
    >
    > To share knowledge with security researchers does not require
    > releasing binary executables, professional testers can compile the
    > source code for themselves. Avoid releasing binaries and you will not
    I doubt that. At least it probably doesnt apply to 100%. What for is
    impact?

    regards,
    Sebastian

    -- 
    ~
    ~ perl self.pl
    ~ $_='print"\$_=\47$_\47;eval"';eval
    ~ krahmer@suse.de - SuSE Security Team
    ~
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html
    

  • Next message: K sPecial: "[Full-Disclosure] Perl code exploiting TCP window vuln."