dullienGMX.DE

• Next message: Marc: "Re: Blind Remote Buffer Overflow"
• Previous message: Lamagra Argamal: "Re: Replacing Kernel Functions via a LKM"
• Maybe in reply to: Rory Savage: "Exploit Ease Level"
• Next in thread: Rory Savage: "Re: Exploit Ease Level"
• Maybe reply: Thomas Dullien: "Re: Exploit Ease Level"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, 27 Apr 2000 10:39:42 +0200, Sebastian wrote:

Hey Sebastian,

>The idea isn't new, for example in the NAI CyberCop handbook there is a
>great list with all checks CyberCop does together with a rating how popular
>and how difficult it is to exploit this vulnerability. Btw, I think, a
>knowledgeable reader of this mailing list might have a rough impression
>of the difficulty after having checked out the situation for a couple
>of minutes. For the really wicked tricks used in exploits the reader has
>to check the exploits comments anyway in case he understands them.

Actually, the only kind of 'difficulty level' I think one could reliably
mention is the fact whether a relatively reliable exploit can be written at all :)
I mean isn't that fact enough for anyone ?
If the exploit can be written, then it will be written to be easily
usable. Thats the way life is :)
If on the other hand an exploit can only be written with substantial
information about a target system (which _exakt_ patch he has installed
or perhabs which exact base address the kernel has or whatever)
or a lot of guesswork, one can mention it. But I think a rating system
is not ... well ... useful :)

Thomas Dullien

• Next message: Marc: "Re: Blind Remote Buffer Overflow"
• Previous message: Lamagra Argamal: "Re: Replacing Kernel Functions via a LKM"
• Maybe in reply to: Rory Savage: "Exploit Ease Level"
• Next in thread: Rory Savage: "Re: Exploit Ease Level"
• Maybe reply: Thomas Dullien: "Re: Exploit Ease Level"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]