George A. Theall theall at tenablesecurity.com
Wed Jun 14 07:29:21 EDT 2006

Steven M. Christey wrote:

> I just sent the following to Bugtraq.  Does anybody know of a provably
> correct disclosure from SpC-x?  I've only recently noticed the name.

I don't know the answer off-hand, but I did actually set up boastMachine
3.1 and wheatblog 1.0 and tried the exploits listed in the advisories.
Neither worked for me (PHP 4.4.0 with register_globals on and
magic_quotes_gpc off).

Perhaps s/he's just basing the advisories off a not-very-deep visual
inspection. Or perhaps n3td3v has tired of playing with full-disclosure
and taken on a new set of targets along with a new alias for his fun.

theall at tenablesecurity.com

More information about the VIM mailing list