lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <84ECAF53A2F0F045BD9B7FD0FC56A0BD08EC270E@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
Date: Mon, 24 Sep 2007 09:48:19 +0200
From: "Panda Security Response" <secure@...dasecurity.com>
To: "3APA3A" <3APA3A@...URITY.NNOV.RU>,
	"Panda Security Response" <secure@...dasecurity.com>
Cc: "Full Disclosure" <full-disclosure@...ts.grok.org.uk>,
	<bugtraq@...urityfocus.com>, <tarkus@...fp.org>,
	<vuldb@...urityfocus.com>
Subject: RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original message-----
> From: 3APA3A [mailto:3APA3A@...URITY.NNOV.RU] 
> 
>  secure@...dasoftware.com was contacted about this same 
> vulnerability in  Panda  Antivirus  2007  on August, 11 2006 
> (more than year ago) without  any results and response, until 
> information was published in Bugtraq.

The vulnerability response team was created in 10/2006 to manage
vulnerability reports and create fixes as necessary. 


>  As  far,  as  I  can  see, pandasecurity.com is Swedish 
> domain of Panda  while  pandasoftware.com  is  international  
> one.  I believe it's quite  reasonable   to   have 
> secure@...dasoftware.com  to  be   forwarded  to
> secure@...dasecurity.com, don't you think so?

Re: secure@...dasoftware.com & secure@...dasecurity.com, it's the
same contact mailbox at the Panda HQ domain in Spain (.es), not
Sweden (.se). Public key attached.

Regards,

- ----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security

email: pedro.bustamante@...dasecurity.com <0xC684A6F9>
vulns: secure@...dasecurity.com <0x70F3FEA0>
phone: (+34) 91-8063700
blog:  http://research.pandasoftware.com 
- ----------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRvdrw46s6aZw8/6gEQJ+bACfWyLJHFMarDWRU1h/sbD7xttIUmkAoO2W
lMvAKwSZDMPuCx7yCnEFnQ+y
=wLME
-----END PGP SIGNATURE-----
 

Download attachment "Panda Security Response.asc" of type "application/octet-stream" (1921 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ