
Re: [Full-disclosure] FortiGuard Advisory: Microsoft Internet Explorer Remote Memory Corruption Vulnerability

From: Pastor Kornell <pastor.kornell_at_nospam>
Date: Sun Jan 24 2010 - 20:56:26 GMT
To: full-disclosure@lists.grok.org.uk


James Birk <jamesbirk@gmail.com> wrote:
> Good to see nothing's changed with Bugtraq in fifteen years. Anyone want
> to point me to a security list where ads like the one below are not
> allowed?
>

James has a fair point. The advisory could be talking about 9 out of any 10 Internet Explorer bugs, it was completely generic. No poc, no analysis, no exploit. Haifei does not tell me anything I did not know already from MSFT (not much).

I do not care if you want to tag on a listing for your business or product with the presentation of your work, but it better be a useful contribution and not an infomercial. It doesn't matter if you do not have an exploit, but you have to explain the bug with some debugger / disassembler / output data and analysis so that we can understand or assess whether it is realistically exploitable. If you do not show us even one test case, then we cannot test the fix or verify it is fixed correctly and not just a band-aid around the problem. Learning about the bug also lets us track trends and do other useful work.

As a useful guide, count how many lines in your mail are advertisement and how many are advisory - if there are more lines talking about "FortiGate, FortiMail, FortiShamWow and DietForti" than there are about the bug, you're doing it wrong.

For now, everyone would have been better off bindiffing just the patch rather than reading your emails. Please fix this in future.

PK



Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/