[Full-disclosure] HP Tru64 dtmail bug - Really exploitable?
K F (lists)
kf_lists at digitalmunition.com
Sun Oct 22 20:49:22 BST 2006
Roman Medina-Heigl Hernandez wrote:
>
> More or less according to HP advisory ("HPSBTU02163 SSRT061223") which
> marks the impact as POTENTIAL ("Potential Security Impact: Local execution
> of arbitrary code")
Don't mind the smoke and mirrors. HP always says that. Even with working
root exploits in hand HP will release an advisory that say 'potential'.
don't believe me?
http://archives.neohapsis.com/archives/tru64/2002-q3/0019.html
http://downloads.securityfocus.com/vulnerabilities/exploits/TRU64_su.pl
funny how that works eh?
-KF
Full-Disclosure is hosted and sponsored by Secunia.