, SecurityFocus 2007-03-01
ARLINGTON, VA. -- Security researcher David Maynor got some measure of vindication at the Black Hat DC Conference this year.
Expand all |
Post comment
Maynor reveals missing Apple flaw
2007-03-02
David Taylor (2 replies)
David Taylor (2 replies)
You got it all wrong Robert
2007-03-05
Anonymous (1 replies)
Anonymous (1 replies)
Re: You got it all wrong Robert
2007-03-05
Robert Lemos (1 replies)
Robert Lemos (1 replies)
If there was nothing to find, then how how did apple magically find and fix the bugs for Maynor to reverse the patches and write exploit code?
What did Maynor do, look in his crystal ball and guess? Look fanboys, Occams razor. Look it up.
BTW it's very common and also ethical to release a PoC that just crashes the target as opposed to running exploit code. Crash... you can see what the DoS pushed onto the stack and tell that it would be possible to run arbitrary code. Meanwhile, script kiddies won't be 0wning every apple at the local starbucks.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/articles/11445/34368#34368