|
----- Original Message -----
From: Chris
Paget
To: Len
Rose
Sent: Sunday, July 27, 2003 12:08 PM
Subject: Re: [Full-Disclosure] DCOM RPC exploit (dcom.c) Len, IMHO there's a difference between "security through obscurity" and posting working exploit code. Knowing that there is a vulnerability in DCOM, accessible over a range of RPC mechanisms (primarily 135/tcp) is all that most administrators need to know. It's one thing knowing that you can kill a person with a gun, and it's another to give away firearms. Just my $0.02:
Shoot the messenger - that always stops
the bad event happening.
Sorry for the sarcasm. I can never see
the point in "If we don't tell the enemy how to build a nuclear weapon they
never will so we are safer as a result" logic.
Greg - you may call me a "Jihad O'Clue." if you
wish.
|
- Re: [Full-Disclosure] DCOM RPC exploit... Paul Schmehl
- Re: [Full-Disclosure] DCOM RPC exploit (d... Nathan Seven
- Re: [Full-Disclosure] DCOM RPC exploit... Valdis . Kletnieks
- Re: [Full-Disclosure] DCOM RPC exploit... KF
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.c... Valdis . Kletnieks
- Re: [Full-Disclosure] DCOM RPC exploit (dc... manohar singh
- Re: [Full-Disclosure] DCOM RPC exploit... Etaoin Shrdlu
- Re: [Full-Disclosure] DCOM RPC exploit... Nick FitzGerald
- Re: [Full-Disclosure] DCOM RPC exploit... Jean-Baptiste Marchand
- Re: [Full-Disclosure] DCOM RPC exploit... Nick FitzGerald
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.c) gregh
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.... Nick FitzGerald
- RE : [Full-Disclosure] DCOM RPC exploit (dcom... Nicolas Villatte
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.c) Jason
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.... Chris Paget
- Re: [Full-Disclosure] DCOM RPC exploit (dcom.... Paul Schmehl
