Re: Complicated Disclosure Scenario

From: Jeff Nathan (jeffat_private)
Date: Thu Jan 17 2002 - 20:54:55 PST

Next message: Parity: "RE: Complicated Disclosure Scenario"

Previous message: KF: "Re: efax - Exploitation info"
In reply to: Jose Nazario: "RE: Complicated Disclosure Scenario"
Next in thread: Nathan Anderson: "RE: Complicated Disclosure Scenario"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Jose Nazario wrote:
> 
> if you wanna feel better about it, include some workarounds for people to
> use it a bit safer, or supply, if possible, an alternative. then you have
> more than adequately covered your bases.
> 
> ____________________________
> jose nazario                                                 joseat_private
>                      PGP: 89 B0 81 DA 5B FD 7E 00  99 C3 B2 CD 48 A0 07 80
>                                        PGP key ID 0xFD37F4E5 (pgp.mit.edu)

Although rfpolicy makes no such provisions and if this is remote, as a
potential workaround consider developing IDS signatures to further
mitigate the risks in exposing this vulnerability.

-Jeff

-- 
http://jeff.wwti.com            (pgp key available)
"Common sense is the collection of prejudices acquired by age eighteen."
- Albert Einstein

Next message: Parity: "RE: Complicated Disclosure Scenario"
Previous message: KF: "Re: efax - Exploitation info"
In reply to: Jose Nazario: "RE: Complicated Disclosure Scenario"
Next in thread: Nathan Anderson: "RE: Complicated Disclosure Scenario"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 17 2002 - 23:12:24 PST