Date: Tue, 21 Jul 2009 20:58:21 +0200 From: Oliver Pinter <oliver.pntr@gmail.com> To: "Jason V. Miller" <jmiller@securityfocus.com>, "Dag-Erling Sm??rgrav" <des@des.no> Cc: freebsd-security@freebsd.org, FreeBSD Security Officer <cperciva@freebsd.org> Subject: Re: 2009-07-20 FreeBSD 7.2 (pecoff executable) Local Denial of Service Exploit 23 R D Shaun Colley Message-ID: <6101e8c40907211158j29a84b2fl6b343790b698977b@mail.gmail.com> In-Reply-To: <20090721180413.GA13170@mail.securityfocus.com> References: <6101e8c40907201008n62eeec05r6670a79698bc2ac7@mail.gmail.com> <86zlayvydu.fsf@ds4.des.no> <20090721180413.GA13170@mail.securityfocus.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all!
Yeah, I found the expolit in milw0rm at Jul 20, 2009. and send this
mail, before I never read anything from so@freebsd.org... and from
this mail (I think security officer), so then add cperciva to CC.
btw:
oliver@oliverp src> git grep "so@freebsd.org"
sys/dev/usb/ubser.c: * Copyright (c) 2004 Ber{}ter <tic{}sd.org>
sys/dev/usb/ubser.h: * Copyright (c) 2003 Ber{}ter <tic{}asd.org>
This git tree is the full freebsd tree, imported to git, and no
information from this mail address.
On 7/21/09, Jason V. Miller <jmiller@securityfocus.com> wrote:
> On Tue, Jul 21, 2009 at 05:39:25PM +0200, Dag-Erling Sm??rgrav wrote:
>> Oliver Pinter <oliver.pntr@gmail.com> writes:
>> > http://milw0rm.com/exploits/9206
>>
>> Standard procedure is to contact so@freebsd.org directly rather than
>> post an exploit on a public, archived mailing list.
>
> To be fair, he didn't post a new exploit to the list, but instead a link to
> an already-public exploit.
>
> J.
>
> --
> Jason V. Miller
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6101e8c40907211158j29a84b2fl6b343790b698977b>