Wrong on that one .. Ruben. But i agree on the Anders Klixbull one :) 2009/3/26 Rubén Camarero <[email protected]>
> I shall count the seconds it take for Mr. Mac.User to switch internet pages > to go to Mr. Lincoln's gmail and write a reply to himself: 1, 2, finish it > for me! > > On Thu, Mar 26, 2009 at 12:34 PM, <[email protected]> wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> My favourite sort of internet personality is one that trolls >> grammar nazis in their well structured insults against the >> intelligence of others. Bravo my friend. >> >> On Thu, 26 Mar 2009 01:09:38 -0400 Rubén Camarero >> <[email protected]> wrote: >> >_You_ are two dim to imagine that this issue is more like a bug >> >than a >> >vulnerability. If _you_ did try to imagine it, your head would >> >probably >> >explode and xssme would ooze out. >> > >> >On Thu, Mar 26, 2009 at 12:42 AM, Nick FitzGerald >> ><[email protected]>wrote: >> > >> >> Rubén Camarero wrote: >> >> >> >> > What great references. Owasp isn't the king of vulnerability >> >information, >> >> of >> >> > course a website named XSSed is going to count this as super >> >serious, and >> >> > while I respect Insecure.. these days, people have exploited >> >web bugs to >> >> > their max (and I'm waiting for more), but they aren't directly >> >serious. >> >> > DIRECTLY is the key word. >> >> >> >> No, but just because this kind of vulnerability is "only" >> >indirectly >> >> serious dosen't mean that they aren't serious. >> >> >> >> Just because _you_ are too dim to imagine a way that someone can >> >profit >> >> significantly from exploiting this does not mean that there are >> >not such >> >> methods, NOR that use of such exploits won't "damage" nVidia. >> >> >> >> Whether nVidia (and others affected by so many similar >> >vulnerabilities) >> >> will see this and decide to take action is what really matters. >> >In this >> >> regard, I certainly hope that you do not work for, or consult >> >with, or >> >> otherwise represent the view of nVidia on this issue. >> >> >> >> >> >> Regards, >> >> >> >> Nick FitzGerald >> >> >> >> >> >> _______________________________________________ >> >> Full-Disclosure - We believe in it. >> >> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >> >> Hosted and sponsored by Secunia - http://secunia.com/ >> >> >> > >> > >> > >> >-- >> >Rubén Camarero >> >CCNA, CISSP >> -----BEGIN PGP SIGNATURE----- >> Charset: UTF8 >> Version: Hush 3.0 >> Note: This signature can be verified at https://www.hushtools.com/verify >> >> wpwEAQMCAAYFAknLrq4ACgkQfuF4tUz/X+JKzAP/ViirowPihAisi1DFEi4W6jOn/CwQ >> sAU9c5riwPvj5DrYfZYblg2BIduxBYweSAwrcA8TnJNBaBKOIv1weO2MclqEp11xq+Z3 >> UfR2UpkldfMWzHpfGkxhwcz2xcy5T9PN/79IGnGk3xiG8zW2eBo88yNrhiE7x2e9PFjI >> BOCaN9A= >> =gYB5 >> -----END PGP SIGNATURE----- >> >> -- >> Free information on the best Web Hosting. Click Now! >> >> http://tagline.hushmail.com/fc/BLSrjkqe38U7zLZKJoIcSfnZcCPMg2m3CMMZbrY9em4IiOArRQ7ukNi4nK4/ >> >> > > > -- > Rubén Camarero > CCNA, CISSP > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
