IMHO, no sysadmin taking his work seriously, will wait patching the systems until an exploit is available throughout the internet.
Stefan (I AM A SYSADMIN) > -----Urspr�ngliche Nachricht----- > Von: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Im Auftrag von Yabby > Gesendet: Dienstag, 27. April 2004 19:06 > An: johnny cyberpunk; [EMAIL PROTECTED] > Betreff: Re: [Full-Disclosure] no more public exploits > > Even though I think that the publication of your code might > have been a couple of weeks too soon: too bad you chose to > abandon full disclosure. A lot of people do not have the > skills to transform theoretical vulnerabilities into > practical exploits. With the lack of proof that the > vulnerability can really be exploited, a lot of sysadmins > will decide not to patch, leaving the holes in tact for the > real blackhats, that have possession of the malicious code anyway.... > > maarten > > > this is an anouncement that i personally have no more intention to > > publish any > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
