lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAJtJjZv_UoRx-Nmgs63tX51Wx1Zf---n61A8XbWX7DRmWZYFMg@mail.gmail.com>
Date: Fri, 4 Nov 2011 11:10:35 +0000
From: Darren Martyn <d.martyn.fulldisclosure@...il.com>
To: Georgi Guninski <guninski@...inski.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Secunia jumps on vuln reward bandwagon

I know it sounds lame, but getting even a free coffee mug for disclosing an
XSS or similar is not bad as far as I am concerned.

But out of curiosity, which companies (eg, ZDI) accept web app bugs? Say,
RCE bugs in a bunch of popular web apps or e-commerce applications? Or
LFI/Path traversal bugs in other e-commerce/blogging/admin applets? I would
love to know!

On Fri, Nov 4, 2011 at 9:09 AM, Georgi Guninski <guninski@...inski.com>wrote:

> On Fri, Nov 04, 2011 at 05:13:07AM +1100, GloW - XD wrote:
> > Well, no comment, or comment.... its hard to comment on this one :P
> > Although, i will say it is good and encouraging to see more security
> > teams atleast offering *something*
> > :)
> > love the list...oh yea baby oh yea
> >
> >
> the list is not bad, we have celebrity flamers like GNAA themselves here ;)
>
> i won't be surprised if the list owner (whoever he/she is) sell the list
> at good opportunity (like aleph1 ruined bugtraq).
>
> appears to me secunia gets too much advertisement by injecting
> their spam signature for the cost of hosting and sponsoring,
> though this is up to the list owner.
>
> --
> j
>
> SPAM: vvvvv
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ