| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <426BD5FD.7090507@immunitysec.com> Date: Sun, 24 Apr 2005 13:23:09 -0400 From: Dave Aitel <dave@...unitysec.com> To: Paul Laudanski <zx@...tlecops.com> Cc: vulndiscuss@...nwatch.org, link@...ts.grok.org.uk, bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk Subject: Re: [VulnDiscuss] Re: -==phpBB 2.0.14 Multiple Vulnerabilities==-[Scanned] Paul Laudanski wrote: >>Risk: Low Risk!! >>Impact: Multiple Vulnerabilities. >> >> -==phpBB 2.0.14 Multiple Vulnerabilities==- >> >> > >Unsure if its me, but I didn't see a vendor notification here? Might be >because I'm so happy being a proud new dad, but, I thought proper >disclosure etiquette involved vendor notification and time to test >properly, and waiting for a patch to be released? > >Whatever happened to that? > > > Nothing happened to that - it was never true. Those of us who find bugs would really appreciate it if every Microsoft MVP would stop astroturfing these lists about it too. Thanks, Dave Aitel Immunity, Inc. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists