Administrivia: Bash Blues
From: Dave McKinney (dm@securityfocus.com)
Date: 02/14/03
Next message: Tim Habex: "Windows 2000 Static arp not static"
Date: Fri, 14 Feb 2003 09:55:48 -0700 (MST)
From: Dave McKinney <dm@securityfocus.com>
To: vuln-dev@securityfocus.com
Hi,
We (Aaron Adams and I) will probably be killing this thread unless any
headway is made with regards to exploitability of the bug. The only
security consequence of the issue that comes to mind is being able to
bypass a restricted shell.
Relevant Pages
- Re: [Full-Disclosure] openssh exploit code?
... Can you provide any sort of technical argument as to why this bug is not ... Or are you going to simply stand behind the typical OpenBSD ... So yeah, FUD. ... provide an adequate technical discussion against the exploitability of ...
(Full-Disclosure) - Re: [Full-Disclosure] re: openssh exploit code?
... research the bug yourself and base any conclusions on exploitability ... I *am* researching the bug myself. ... learn to assess the patch, ... Disclosing an exploit would at this stage only ...
(Full-Disclosure) - Re: dsdt buggy acpi
... iasl will complain about code that the Linux interpreter will happily ... then it's unlikely that there's any functional difference as a result. ... As for a bug report I already have one filed. ...
(Linux-Kernel) - Re: Full Disk Laptop Encryption
... Symantec problem that you are running into. ... There is one bug that I have ... Subject: Full Disk Laptop Encryption ... In regards to the FDE feature. ...
(Security-Basics) - Re: vs2005 bug status?
... >> Regards, ... but unless your bug affects a LARGE number of MS's ... they're not going to go through a pach process (which is ... >>> (even though such a workaround may be uncomfortable for you). ...
(microsoft.public.dotnet.framework.aspnet) |
|
