| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: pete.connolly at btinternet.com (Pete Connolly) Subject: Re: [bugtraq] Novell GroupWise WebAccess error modules loading On Monday 17 January 2005 16:42, Marc Ruef wrote: > Dear ladies and gentlemen > <SNIP description of two potential problems> > We have not found any information on that issue. So I sent this information > (nearly the same posting) on 14/12/04 to info@...ell.com and asked for a > solution. As I haven't heard _anything_ until 23/12/04 I sent a reminder > email to the same address. So no reply came back we made this vulnerability > public finally to force Novell to react on this case. An Attack Tool Kit > (ATK) plugin that addresses this vulnerability will be published in the > next days[1]. > > Regards, > > Marc Ruef > > [1] http://www.computec.ch/projekte/atk/ It took me less than 10 seconds to find this url http://support.novell.com/security-alerts/ using the keywords "novell security email address" in Google. Had you taken the same time to do this, you would have found that secure@...ell.com is the place to send this kind of notification. No doubt you've spent a lot of time doing some good research. Had you spent a little longer there would probably be a patch by now. Making up 'possible' email addresses for this kind of mail and then 'forcing' Novell to go public on an issue that's probably sitting in a spam bucket is a bit of waste of everyone's time and effort, your own included. Regards Peter
Powered by blists - more mailing lists