RE: [Full-Disclosure] Exclusive: Windows 2000 & Windows NT 4 Source Code Leaks

Thu, 12 Feb 2004 13:31:05 -0800 

need source code comrade? 

http://amo.net/NT/01-20-03MSFT.html

*grin*
-KF


-----Original Message-----
Date: Thu 02/12/04  2:29 PM
From: jB  <[EMAIL PROTECTED]>
To:  [EMAIL PROTECTED]
CC: 
Subject: [Full-Disclosure] Exclusive: Windows 2000 & Windows NT 4 Source Code Leaks

Yes, it's not an exploit, but close...

Seems MS just joined the open source alliance:
http://neowin.net/comments.php?id=17509&category=main

JB
----- Original Message ----- 
From: "mescsa" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, February 09, 2004 9:14 PM
Subject: Re: [Full-Disclosure] another product affected by recent MS IE '@' 
patch


> Nick FitzGerald <[EMAIL PROTECTED]> wrote:
>> ...
>> and, most importantly, you should note that the "userinfo" part is
>> _outside_ the definition of "hostport", and thus outside the "host"
>> part.  Ergo, HTTP URLs are explicitly (and presumably deliberately)
>> defined to _NOT_ support "userinfo" data so any implementation that
>> does is non-compliant.
>
> This is your interpretation of section 3.2.2 of RFC 2616.
>
> However section 3.2.1 of the same document states that
> "For definitive information on URL syntax and semantics," you
> should "see 'Uniform Resource Identifiers (URI): Generic Syntax
> and Semantics,' RFC 2396."
>
> Since there are neither any MUST NOTs in RFC 2616 nor any apparent
> technical reasons why userinfo should be banned from HTTP-URLs, it
> is clear that not everyone will follow your reasoning. That's why
> implementors have choosen to make use of the userinfo-part in
> services, protocols and user agents.
>
> Regards,
> mescsa
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Finance: Get your refund fast by filing online.
> http://taxes.yahoo.com/filing.html
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




--
This message was sent using 3wmail.
Your fast free POP3 mail client at www.3wmail.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Reply via email to