|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] ASN.1 Vulnerability Could Allow Code Execution (828028); Microsoft Security Bulletin MS04-007
From: Nicob (nicob
nicob.net)
Date: Wed Feb 11 2004 - 11:31:12 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Wed, 2004-02-11 at 18:15, Dave Aitel wrote:
> I'd be certain that all the internal MS mailing lists on security
> (and access to bugcheck, etc) leak all over the place.
And that's probably the same thing for the US-CERT and the
"Vulnerabilities Cartel" created by ISS, Foundstone, stake, ...
So, from this page [1], we can deduce that there's numerous guys (at
least one hundred ?) knowing about 2 HIGH severity vulns in MS products
for half a year.
"It's time to end information anarchy" [2] ;-)
[1] : http://www.eeye.com/html/Research/Upcoming/index.html
[2] : http://www.attrition.org/security/rant/z/ms-sock.jpg
Regards,
--
Nicob <nicobnicob.net>
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]