Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <4519-1531427551.172578@CMoX.E0bU.Zyds>
Date: Thu, 12 Jul 2018 20:32:31 +0000
From: halfdog <me@...fdog.net>
To: oss-security@...ts.openwall.com
Subject: Re: Libc Realpath Buffer Underflow CVE-2018-1000001 expolit source code for SuSE 12 SP2

Hello Lao,

zrlw@...a.com wrote:
> Hi, i wrote a exploit  base on  halfdog's RationalLove.c, and
> successfully tested on SuSE Enterprise Server 12 SP 2.I want
> send it back to halfdog, but it seemed that my email always
> be rejected(maybe because i'm in china), ...

You message was received technically. I just did not find any
motivation to fetch my messages for half a year. Sorry about that.

> ... may you transfer it
> to halfdog? all the code belong to him. Thanks!LaoWei2018/6/25

Good work! I put it to [0] mentioning it in the text and timeline,
so that it can be found. Send me a note if the text is appropriate
for you. I can also add a link to your blog/additional explanations,
how you managed to create a solution for SuSE.

hd

[0] https://www.halfdog.net/Security/2017/LibcRealpathBufferUnderflow/RationalLove-SuSE12-SP2.c


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.