451 CAOS Theory *
A blog for the enterprise open source community

Anti-Sniping move on the pen test list, the Daily Dave

Nick Selby, April 16, 2006 @ 2:12 pm ET

From the Daily Dave, a penetration testing mailing list which has seen a couple vendors snipe back and forth at one another recently about one claiming to have found an exploit in the other’s … uh, whatever. Dave Aitel, CTO of Immunity, Inc., in an effort to settle the issue objectively, writes:

You, the vendor, provide a Virtual Machine, Installer, appliance, or similar object. I run our new MS06-014 exploit through it and tell
everyone how you did. You can do it whenever you want - obviously the public will reward promptness with claps and lateness with jeers. You
don’t get the exploit until the next CANVAS release, which will obviously make it a lot easier.

Get it, Dave!

Permalink | Technorati Links | Bookmark on del.icio.us | digg it
Categories: Security

Comments RSS feed | Trackback URI

Comments»

No comments yet.

Leave a Comment

Some HTML is allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> .

Your Comment (smaller size | larger size)