| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <BAY10-DAV17FDC031EC56CA1202E8C8D9240@phx.gbl> Date: Fri Apr 29 15:37:32 2005 From: se_cur_ity at hotmail.com (Morning Wood) Subject: Questions about reporting a vulnerability you are looking for this... http://www.oisafety.org/guidelines/Guidelines%20for%20Security%20Vulnerability%20Reporting%20and%20Response%20V2.0.pdf http://www.oisafety.org cheers, Donnie Werner > Hey All, > > Couple of questions on reporting vulnerabilities: > > 1) Is there a damn template somewhere that can be used, as I'm pretty sure > there was at one point, and I can't seem to find it? If so, could someone > please let me know where this is located? > > 2) Is it worth sending something out like a cookie storing usernames and > passwords in clear text for a major vendor's piece of software? > > 3) What's the correct procedure to go through reporting a vulnerability? > > If all of these questions can be answered with one simple link, can > someone please paste it, as I really need to know this info soon. > > TIA > > xyberpix
Powered by blists - more mailing lists