lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060422200926.64D132435A@ws5-3.us4.outblaze.com>
Date: Sat Apr 22 21:10:19 2006
From: crypticmauler at linuxmail.org (CrYpTiC MauleR)
Subject: Notifying an institution about a vulnerability

Yes which is why I would never do it =o). I had contected tech support talked to them about it and they didnt know what I was talking about and well...seemed like they just got that position for something other than having any expertise. I finally managed to contact the VP of IT and he assured me it would be fixed but in fact STILL has not been. So I also talked to some people above him and yes, as you guessed it still not fixed. So I am looking for other options. I just want to get this resolved as soon as possible, not only is it using up my time, but putting my infomation at risk. So if anyone knows someone who might be able to add some leverage and press the school to fix it ASAP then please post. Thank you.


> ----- Original Message -----
> From: "Cliff Bamford" <bamford@...net>
> To: full-disclosure@...ts.grok.org.uk
> Subject: [Full-Disclosure] Notifying an institution about a vulnerability
> Date: Sat, 22 Apr 2006 21:53:31 +0200
> 
> 
> 
> > i think you may exploit this vuln and get several SSN, and then 
> > email to the institute to show the severity of your report.
> >
> 
> In the US, doing that could get you into a ton of criminal and civil trouble
> (I'm sad to say).
> What steps did the original poster take to notify the institution, exactly?
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/

>


-- 
_______________________________________________
Check out the latest SMS services @ http://www.linuxmail.org
This allows you to send and receive SMS through your mailbox.

Powered by Outblaze

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ