Even though I think that the publication of your code might have been a couple of weeks too soon: too bad you chose to abandon full disclosure. A lot of people do not have the skills to transform theoretical vulnerabilities into practical exploits. With the lack of proof that the vulnerability can really be exploited, a lot of sysadmins will decide not to patch, leaving the holes in tact for the real blackhats, that have possession of the malicious code anyway....
maarten > this is an anouncement that i personally have no more intention to publish > any _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
