Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security FullDisclosure
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Full-Disclosure] FIREFOX flaws: nested array sort() loop Stack over

from [Juan Carlos Navea] Network Security [Permanent Link]
Subject: Re: [Full-Disclosure] FIREFOX flaws: nested array sort() loop Stack overflow exception
Date: Thu, 25 Nov 2004 16:26:30 -0500 
So instead you unleash it upon kiddie and spammer world? That's lovely.



Next you will come by again and say: "I'm still hoping I get to see the
guy who wrote those MyDoom worms in court, he violated the GPL and
spread millions(?) of copies of my (modified) source)."



So, you release it like you did and, expect what?

Some people are advocates of this or that disclosure mechanism, and
believe they are right. I can bite.
You just say: "I'm so cool. I will release this, get a ton of attention
and then say 'hey! They violated GPL! How dare they?!'"



Full disclosure. Responsible disclosure (according to whoever).
Non-disclosure. Fine. What are you doing?


I agree, not to mention that that "bugzilla crap" is not really crap.
I find it to be a solid system for the most part. Also, It has been
proven that involving the general public to help out in filing bugs
has been useful  in resolving problems that would otherwise go
unnoticed until script kiddies start abusing them.

Plus bugzilla is not really that hard to use, takes just a few minutes really. 


-- 
http://www.loconet.ca

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Full-Disclosure] Rumours about Opera, Marc Schoenefeld
Next by Date:  [Full-Disclosure] MDKSA-2004:139 - Updated cyrus-imapd packages fix multiple vulnerabilities, Mandrake Linux Security Team
Previous by Thread:  Re: [Full-Disclosure] FIREFOX flaws: nested array sort() loop Stack overflow exception, Esben Stien
Next by Thread:  [Full-Disclosure] Re: Opera flaws: nested array sort() loop Stack overflow exception, sergio
Indexes:  [Date] [Thread] [Top] [All Lists]