Network Security: Detailed info on Re: [Full-disclosure] n.runs-SA-2007.027

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

[Top] [All Lists]

Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing

from [Lisa Thalheim] Network Security

[Permanent Link]

Subject:	Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory
Date:	Wed, 29 Aug 2007 12:25:52 +0200

Hi Sergio,

Sergio Alvarez wrote:

I ask for apologies for the mistake.
Unfortunately we can't give more details about the vulnerability because
the German Law (§202)


I beg to differ. The update to 202c is somewhat cryptic and it's still
unclear what its implications will be, although I know lawyers here (==
in .de) who say that the addition introduced is simply redundant.

But whatever your take on this 202c addition is: It really, really,
_really_ doesn't say anything about publishing information concerning
vulnerabilities.

Regards,
Lisa

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, security Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, 3APA3A Re: n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Sergio Alvarez Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Kevin Finisterre (lists) Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Blue Boar Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Kevin Finisterre (lists) Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Simon Smith Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Valdis . Kletnieks Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Lisa Thalheim <=

Previous by Date:	[Full-disclosure] Security contact at gforge(http://gforge.org/), Sumit Siddharth
Next by Date:	[Full-disclosure] informative..., withak
Previous by Thread:	Re: [Full-disclosure] n.runs-SA-2007.027 - Sophos Antivirus UPX parsing Arbitrary CodeExecution Advisory, Valdis . Kletnieks
Next by Thread:	[Full-disclosure] rPSA-2007-0172-1 tar, rPath Update Announcements
Indexes:	[Date] [Thread] [Top] [All Lists]