Drew Copley wrote:
<mass snippage>
> But, it turns out, that the guys
> who can write exploit code also can reverse engineer patches...
</mass snippage>
You said it all in that sentence. No other commentary was necesary to
make your point.
Besides reading exploit code (if such code were released, which it was
not), I'd imagine (as you mention) reverse engineering the patch and/or
sniffing the network traffic of your (or another) scanner in action
would be much more productive methods of determining how to write an
exploit than your advisory was.
Brian
-- Brian Eckman Security Analyst OIT Security and Assurance University of Minnesota "There are 10 types of people in this world. Those who understand binary and those who don't." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.htmlReceived on Thu Feb 12 15:07:43 2004
This archive was generated by hypermail 2.1.8 : Thu Feb 12 2004 - 16:01:02 EST
