| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3D666FB3.9080805@guninski.com> From: guninski at guninski.com (Georgi Guninski) Subject: HP Full Disclosure Story This clearly illustrates why the responsibility RFC is a really evil thing. They are using funny arguments, but consider what threats they shall make if they have a RFC at hand. Georgi Guninski http://www.guninski.com Tamer Sahin wrote: > Hello Folks, > > In January, have found a security hole in HP AdvanceStack switches. This > vulnerability affected 8 different swicth models. There had been an > interesting mail traffic between HP Security Response Team and me. I compiled > it from my mail archive lastly and I thought that it would take your > attention. > > Best Regards; > > Tamer Sahin > http://www.securityoffice.net > > > ------------------------------------------------------------------------ > > ******************************************************************************************** > I a sending my first security anouncement to security-alert@...com and i am specifying > that in at least 4 days, if there is no response, i will publish this vulnerebility without > any patch. (this time is like a law that is not ruled. in "vulnerability disclosure" procedure) > ********************************************************************************************
Powered by blists - more mailing lists