Gobbles Releases Apache Exploit

Not true. Mark Litchfield had already reported it to Apache and they were working on a fix when ISS published. The problem was getting fixed and if ISS would have waited a few days, like the person who discovered it (Mark), everyone would have had a chance to install the fix before the whole world knew.

Regarding gobbels: If they are so wonderful why did they 1) provide the exploit to their friend months ago so their friend could use the exploit and 2) Only speak up when the bug was about to be fixed. I suspect they feared that once the fix was out they would miss out on fame and glory. If Goebells is so nobel, why didn't they tell Apache privately months ago when they found the exploit?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/493/13184#13184

Gobbles on time 2002-06-22
Anonymous

Gobbles on time 2002-06-22
Anonymous (1 replies)

Gobbles on time 2002-06-24
Anonymous

Gobbles should do time 2002-06-22
Anonymous (2 replies)

Gobbles should do time 2002-06-24
Anonymous

Gobbles on time 2002-06-22
Anonymous (1 replies)

Hacking -v- cracking 2002-06-25
Anonymous

Gobbles on time 2002-06-22
Anonymous

Gobbles Releases Apache Exploit 2002-06-23
Anonymous (2 replies)

Gobbles Releases Apache Exploit 2002-06-23
Anon (1 replies)

Gobbles Releases Apache Exploit 2002-06-25
Penile Implant

Gobbles Releases Apache Exploit 2002-06-25
Not Really Anonymous

Gobbles Releases Apache Exploit 2002-06-24
Anonymous Coward (1 replies)

Re: Gobbles Releases Apache Exploit 2007-06-27
Red Teeth