|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Naphta - Exploit?
From: Steve (steve
SECURESOLUTIONS.ORG)Date: Tue Dec 12 2000 - 15:42:17 CST
- Next message: Dom De Vitto: "Re: Naphta - Exploit?"
- Previous message: Michael Damm: "Re: bind hack or just bein funny???"
- In reply to: teespy: "Re: Naphta - Exploit?"
- Next in thread: Dom De Vitto: "Re: Naphta - Exploit?"
- Reply: Steve: "Re: Naphta - Exploit?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> If you had readed yor mail more carefully, you'd realize razor said they
> would only release the code to the vendors, which is IMHO, being
> a DoS type
> attack [script-kiddies delight], a reasonably security through obscurity
> measure, because there is no apparently solution yet.
>
> Hope vendors get patches or some kinda solution soon, so we can see the
> appparently intresting naptha code.
>
> --------------------------------teespy----------------------------
Actually, to further clarify. As with most reports of vulnerabilities,
proof of concept code was supplied to each vendor via CERT.
This was not an attempt at security through obscurity but a common practice
in responsible full disclosure.
=====================
Steve Manzuik
Moderator
Win2KSecAdvice
Security Analyst
BindView RAZOR Team
====================
***This email contains my own thoughts and no one elses***
- Next message: Dom De Vitto: "Re: Naphta - Exploit?"
- Previous message: Michael Damm: "Re: bind hack or just bein funny???"
- In reply to: teespy: "Re: Naphta - Exploit?"
- Next in thread: Dom De Vitto: "Re: Naphta - Exploit?"
- Reply: Steve: "Re: Naphta - Exploit?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]