[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <3D666FB3.9080805@guninski.com>
From: guninski at guninski.com (Georgi Guninski)
Subject: HP Full Disclosure Story
This clearly illustrates why the responsibility RFC is a really evil thing.
They are using funny arguments, but consider what threats they shall make if
they have a RFC at hand.
Georgi Guninski
http://www.guninski.com
Tamer Sahin wrote:
> Hello Folks,
>
> In January, have found a security hole in HP AdvanceStack switches. This
> vulnerability affected 8 different swicth models. There had been an
> interesting mail traffic between HP Security Response Team and me. I compiled
> it from my mail archive lastly and I thought that it would take your
> attention.
>
> Best Regards;
>
> Tamer Sahin
> http://www.securityoffice.net
>
>
> ------------------------------------------------------------------------
>
> ********************************************************************************************
> I a sending my first security anouncement to security-alert@...com and i am specifying
> that in at least 4 days, if there is no response, i will publish this vulnerebility without
> any patch. (this time is like a law that is not ruled. in "vulnerability disclosure" procedure)
> ********************************************************************************************
Powered by blists - more mailing lists