|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Valdis.Kletnieks
vt.edu
Date: Tue May 01 2007 - 11:45:24 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 01 May 2007 12:24:47 EDT, Larry Seltzer said:
> >>Consider that most often a bug filed as DOS can actually be
> exploitable, but the person who discovered it can't get the POC working
> or is even aware it is. While command execution is the ideal goal it
> doesn't mean other types of issues are *completely* worthless.
>
> Most often? How do you know that?
Given the number of programs I've filed "Version XYZ segfaults under conditions
A, B, and C" bug reports, compared to the number of things that were obviously
exploitable, I have to conclude that either I'm a lot worse than Joe Programmer
at identifying what's exploitable, or that a lot of *other* programmers are
filing "Version XYZ segfaults" bug reports without understanding if they're
exploitable - and quite often the segfault gets *fixed* as "just a segfault"
rather than as a security-level bug.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQFGN26kcC3lWbTT17ARAlDVAJwOqkd9LCDvVIywRUAvtE5vwk8ygACfdLq6
eU22ZEBd6j8wZ34Gv/W/YFY=
=S7B2
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]