| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 21 Jun 2005 13:17:08 -0500 From: H D Moore <sflist@...italoffense.net> To: BUGTRAQ <bugtraq@...urityfocus.com> Subject: Security Contact for Lyris I am trying to reach the security contact at Lyris (www.lyris.com). I sent an email to every address listed on the web site and keep getting blown off by the operator when I call[1]. The OSVDB Vendor Dictionary has no contact information listed for Lyris. There are a number of serious, remotely-exploitable issues in the ListManager product... -HD 1. On the first call, I asked for product development or someone in the security department. The operator asked me why I was calling, I explained that I was trying to report a security vulnerability. Shes asks if I want sales, I try to explain again why I am calling. I was transferred in mid-sentence to a voicemail box with no name. I called back again, this time using their voice menu to transfer to sales. The same operator picks up the call and I try to explain the situation again. I ask for sales, she won't forward me because I "don't want to purchase the product". I ask for customer support, she won't forward me because I am not a current customer. I explain again that I am trying to do them a favor and that I really need to contact someone in the product development or security departments. The call ends.
Powered by blists - more mailing lists