lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <121439112.20070921174316@SECURITY.NNOV.RU>
Date: Fri, 21 Sep 2007 17:43:16 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: "Panda Security Response" <secure@...dasecurity.com>
Cc: tarkus@...fp.org, Full Disclosure <full-disclosure@...ts.grok.org.uk>,
	bugtraq@...urityfocus.com, vuldb@...urityfocus.com
Subject: Re: Panda Antivirus 2008 Local Privileg
	Escalation (UPS they did it again)

Dear Panda Security Response,


 secure@...dasoftware.com was contacted about this same vulnerability in
 Panda  Antivirus  2007  on August, 11 2006 (more than year ago) without
 any results and response, until information was published in Bugtraq.

 As  far,  as  I  can  see, pandasecurity.com is Swedish domain of Panda
 while  pandasoftware.com  is  international  one.  I believe it's quite
 reasonable   to   have  secure@...dasoftware.com  to  be  forwarded  to
 secure@...dasecurity.com, don't you think so?


--Thursday, September 20, 2007, 12:58:42 AM, you wrote to full-disclosure@...ts.grok.org.uk:

 

PSR> Users of vulnerable 2007 versions should upgrade to Panda Antivirus
PSR> 2008 and apply the fix provided.

<skipped>

PSR> For future vulnerability reporting to Panda please write specifically
PSR> and exclusively to "Panda Security Response"
PSR> <secure@...dasecurity.com> instead of generic beta or informational
PSR> contact mailboxes.

<skipped>

PSR> blog:  http://research.pandasoftware.com

-- 
~/ZARAZA http://securityvulns.com/
Да, ему чертовски повезло. Эх и паршиво б ему пришлось если бы он выжил! (Твен)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ