| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <84ECAF53A2F0F045BD9B7FD0FC56A0BD08EC270E@ESMADEXH02.MADRID.PANDASOFTWARE.LOCAL>
Date: Mon, 24 Sep 2007 09:48:19 +0200
From: "Panda Security Response" <secure@...dasecurity.com>
To: "3APA3A" <3APA3A@...URITY.NNOV.RU>,
"Panda Security Response" <secure@...dasecurity.com>
Cc: tarkus@...fp.org, Full Disclosure <full-disclosure@...ts.grok.org.uk>,
bugtraq@...urityfocus.com, vuldb@...urityfocus.com
Subject: Re: Panda Antivirus 2008 Local Privileg
Escalation (UPS they did it again)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> -----Original message-----
> From: 3APA3A [mailto:3APA3A@...URITY.NNOV.RU]
>
> secure@...dasoftware.com was contacted about this same
> vulnerability in Panda Antivirus 2007 on August, 11 2006
> (more than year ago) without any results and response, until
> information was published in Bugtraq.
The vulnerability response team was created in 10/2006 to manage
vulnerability reports and create fixes as necessary.
> As far, as I can see, pandasecurity.com is Swedish
> domain of Panda while pandasoftware.com is international
> one. I believe it's quite reasonable to have
> secure@...dasoftware.com to be forwarded to
> secure@...dasecurity.com, don't you think so?
Re: secure@...dasoftware.com & secure@...dasecurity.com, it's the
same contact mailbox at the Panda HQ domain in Spain (.es), not
Sweden (.se). Public key attached.
Regards,
- ----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security
email: pedro.bustamante@...dasecurity.com <0xC684A6F9>
vulns: secure@...dasecurity.com <0x70F3FEA0>
phone: (+34) 91-8063700
blog: http://research.pandasoftware.com
- ----------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1
iQA/AwUBRvdrw46s6aZw8/6gEQJ+bACfWyLJHFMarDWRU1h/sbD7xttIUmkAoO2W
lMvAKwSZDMPuCx7yCnEFnQ+y
=wLME
-----END PGP SIGNATURE-----
Download attachment "Panda Security Response.asc" of type "application/octet-stream" (1921 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists