| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <F028B146DACD54419D564A00090F66AD36EF66@comail1.corp.idanalytics.com> From: smacdougall at idanalytics.com (MacDougall, Shane) Subject: Command Injection Vulnerability in stat.qwest.net- OFFTOPIC IIRC Level 3 also uses looking glass... =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Shane MacDougall Lead Security Officer ID Analytics San Diego, California USA Direct: (858) 427-2860 Toll Free: 866-240-4484 x 2860 Fax: 858-427-2899 -----Original Message----- From: Blue Boar [mailto:BlueBoar@...evco.com] Sent: Friday, August 22, 2003 9:19 AM To: Kurt Seifried Cc: Dan Daggett; Full-Disclosure Subject: Re: [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net- OFFTOPIC Kurt Seifried wrote: > Why are you telling us this? How does it affect anyone, but qwest, who you > notified, and who fixed it. Do we now send out a security advisory every > time we notify sometime to disable a vulnerable service (sir, you have > telnet enabled). This is getting ridiculous. Couple of points: It may be nice to know the track record of a company even though the problem has been fixed. Also, QWest isn't the only ISP that uses Looking Glass... BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists