lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20030624185011.46396.qmail@web40012.mail.yahoo.com>
From: cesarc56 at yahoo.com (Cesar)
Subject: Symantec ActiveX control buffer overflow

I didn't post it to bugtraq, anyways they would hide
the advisory until a fix were ready, this is a common
practice in some SecurityFocus mailing lists.
I won't post anymore advisories to SecurityFocus
mailing lists, they use to not aprove my posts so f*ck
them. One time they ask me to give them some bug
details and post it to bugtraq and i didn't accept,
then when i wanted to post the bug advisory they
didn't aprove my post. Also SecurityFocus is a
Symantec company and Symantec is member of oisafety
group so in future bugtraq will be full of old news if
Symantec will lead by example about the 30-day grace
period and all that ... It took me 1 minute to find
the bug, i wonder if Symatec is a security company
they should be more serious, shouldn't they?.


Cesar.

--- Georgi Guninski <guninski@...inski.com> wrote:
> Cesar wrote:
> > Vendor Status :
> > 
> > I really sorry Symantec i forgot about the 30-day
> > grace period (see  "Security Vulnerability
> Reporting 
> > and Response Process",
> > http://www.oisafety.org/process.html), also i
> forgot
> > to report it :)
> > This is really funny Symantec try to protect users
> and
> > they intruduce dangerous ActiveX controls in users
> > computers. I think that maybe this control should
> be
> > inroduced in Norton virus list :). I wonder if
> this
> > advisory will be on Security Focus news or
> > vulnerability database.
> > 
> > 
> 
> Did you post this to bugtraq, can't see it there?
> 
> There is funny self promoting msg on bugtraq from
> symantec regarding this bug.
> 
> georgi
> 


__________________________________
Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ