|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Dailydave] The Week of Oracle Database Bugs
From: Olef Anderson (olef.anderson
gmail.com)
Date: Wed Nov 29 2006 - 14:01:14 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
i think this was the proper thing to do since releasing Oracle 0day is like;
"picking on a retarded kid with no legs and arms"
it amazes me to think that litchfield and cesar thrives on a business that
is just doing that all day, picking on a retarded kid....
cheers,
olef
On 11/29/06, Dude VanWinkle <dudevanwinklegmail.com> wrote:
>
> update:
>
> from: http://www.argeniss.com/woodb.html
>
> The Week of Oracle Database Bugs
>
> We are sad to announce that due to many problems the Week of Oracle
> Database Bugs gets suspended.
>
> We would like to ask for apologizes to people who supported this and
> were really excited with the idea, also we would like to thank the
> people who contributed with Oracle vulnerabilities.
>
> -----------------------
> thanks for the tip Ferg!
>
> -JP
>
> On 11/27/06, Jared DeMott <demottjamsu.edu> wrote:
> > greets Sinan!
> > >
> > > I don't think there could be anything special or uber cool about a
> > > fuzzer.
> > Interesting. To say the least my hat goes off to the security/app dev
> > community as a whole, because it seems that fuzzing is a fairly well
> > understood action these days. Most know that passing a fuzz test
> > doesn't == secure app, but it likely does mean we've cleared out the low
> > hanging fruit, assuming we have a decent fuzzer for whatever we're
> testing.
> >
> > That said, I think there's still a lot of people fuzzing for both
> > security and exploit research.
> > >
> > > I always assume there are millions out there that write better and
> > > thousands more lines of C/python/ruby code than me every single day.
> > > They have much more free time in their hands and the usual academic
> > > buzz words (genetic algorithms etc.) to ponder on all day. OULU being
> > > the prime example.
> > ya, I hear ya bro -- creating the next generation of fuzzers is no easy
> > task!!
> > > There is no point in me targeting their share of the fish so instead
> > > as somebody with tiny resources would, I go for the deep sea fish
> > > which they never ever seem to catch with their sweeps since they don't
> > > reach deep enough.
> > I'd like to chat more with you offline on your methodology.
> > >
> > > It would be naive to think that you can outsmart all that lot and hunt
> > > with similar tools and still believe it is uniquely yours.
> > Hmm... great discussion!
> > >
> > > cheers,
> > > sinan
> > >
> > >
> >
> > _______________________________________________
> > Dailydave mailing list
> > Dailydavelists.immunitysec.com
> > http://lists.immunitysec.com/mailman/listinfo/dailydave
> >
> _______________________________________________
> Dailydave mailing list
> Dailydavelists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]