| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Apr 20 21:40:16 2006 From: A.L.M.Buxey at lboro.ac.uk (A.L.M.Buxey@...ro.ac.uk) Subject: Secunia illegal spam and advisory republication Hi, > If they are rewording advisories, then they are revealing information > which was not secret. Assuming that they are in fact claiming the > discovery as their own (I haven't checked this myself), I'd consider that > dishonest, but I don't know it would be considered a copyright violation. > Perhaps plagiarism. they are not [claiming the discovery as theirs] in any way. n3td3v is talking absolute rubbish. anyone with a single brain cell can simply visit Secunias site and check their vulnerability database. lets take a random example...<tap tap clickety click> PCPIN Chat SQL Injection and Local File Inclusion Vulnerabilities <snip> Description: rgod has discovered two vulnerabilities in PCPIN Chat, which...<snip> Provided and/or discovered by: rgod Original Advisory: http://retrogod.altervista.org/pcpin_504_xpl.html <snip> and then their little footnote: Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others. <snip> there. thats 4 different places where they note that they are not the discoverers and that it was someone elses work. they give credit at least twice. as for this list being sponsored by Secunia. did n3td3v not actually READ the list at all before subscribing or posting to it? who wouldn't take such preliminary cautions? alan
Powered by blists - more mailing lists