| From: | [EMAIL PROTECTED] |
| Sent: | Fri 2/20/2004 9:39 PM |
| To: | [EMAIL PROTECTED] |
| Cc: | [EMAIL PROTECTED] |
| Subject: | [Full-Disclosure] RE: Re: is predicatable file location a vuln? (was RE: Aol Instant Messenger/Microsoft Internet Explorer remote code execution) |
Why don't you release your exploits on packetstormsecurity or astalavista
instead of Bugtraq? You obviously have no interest in trying to secure
anyone, instead you are deliberately hurting the security of us all.
>I totally disagree. Did you know microsoft sometimes refuses to accept
vulnerabilities and dismiss them as “not a vulnerability itself” but in actuality
only need to be combined with other “not a vulnerability itself” exploits and do
not understand this. I would actually THANK bugtraq and Full Disclosure
that posts from Http equiv and others actually seem to get a quick patch rate
now by Microsoft then in the past. Experts seem to be always repeating
them selves how this is “a year old vulnerability” and no response from
Microsoft. It seems not unless they are SHOWN in proof on concepts are
fixes put in the works.
How are you any different than a virus writer? They are creating malware
and releasing it on their sites, then they claim innocence because they
didn't click the "Send" button. Both of you are intentionally trying
to help blackhats, script kiddies and criminals.
>Did you ever think the wrong someone will think of these things sooner or later? Researches, if you notice, get anti virus people on top of their game for free. They already have definitions for this example and others thanks fully to the "security researcher"
Mike
P.S. AIM or Buddy Icons no longer required. IE is just a big hole.
