lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <200407051511500.SM01856@3gp4server>
From: m.laurence at groveindependentschool.co.uk (Mark Laurence)
Subject: Gmail Information Disclosure Vulnerability

"You have no respect for the Gmail Team, that's for sure."
Why would he? Respect is earned not given for free.
 
"It's about kiddies posting advisories and exploits for fun and little care
for the vendor(s)."
No the reason they are generally supposed to be posted AFAIK is so that the
secuirty concious user is aware and can take steps to prevent them from
being exploited. Granted reasonable steps should be taken to contact the
vendor, if they dont respond then what can one do?
 
Thanks
Mark
 


   _____  

From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of System Outage
Sent: 05 July 2004 14:47
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] Gmail Information Disclosure Vulnerability


If it's not about respect then what is it about? 
 
 
 
I guess this list isn't about respect...
 
It's about kiddies posting advisories and exploits for fun and little care
for the vendor(s).
 
 
Cheerio
 

amforward@...lsurf.com wrote:

System Outage wrote:

|The correct channel to post such "bugs" is the Gmail contact link for "bug 
|reports". 

I have already contacted Gmail about 10 days ago, but I have not received
any 
replies till this moment.

|If you had waited until the Gmail dev team declared gmail a public release,

|you would have gained more respect in the security community scene.

I don't think this is about respect afterall.

Regards,
Ahmed Motaz

------------------------------------------------------
Mailsurf.com your communication portal for SMS,
Email, Fax, E-Cards and more. www.mailsurf.com

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html




   _____  

Do you Yahoo!?
HYPERLINK
"http://us.rd.yahoo.com/mail_us/taglines/virus/*http://promotions.yahoo.com/
new_mail/static/protection.html"Yahoo! Mail - Helps protect you from nasty
viruses.


---
Incoming mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004



---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.656 / Virus Database: 421 - Release Date: 09/04/2004
 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040705/31cd2c9e/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ