[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] OpenSSH - is X-Force really behind this?

To: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
Subject: Re: [Full-Disclosure] OpenSSH - is X-Force really behind this?
From: Eric Rescorla <ekr@xxxxxxxx>
Date: Mon, 29 Sep 2003 08:27:02 -0700

> On Mon, 22 Sep 2003 Valdis.Kletnieks@xxxxxx wrote:
> 
> > Charles Darwin and Alfred Wallace independently came up with
> > the concept of natural selection.
> 
> The cycle of a vulnerability from discovery to publication (or leak) is
> probably around two weeks to one month on average, which is a fairly short
> timeframe. Collissions have happened in the past for more trivial issues,
> but this is not one of them - the vulnerability reported is a fairly
> non-obvious and obscure problem.

Michael,

I was interested to hear you quote this statistic.
Do you have a reference for it that you can point
me to?

Thanks,
-Ekr

--
[Eric Rescorla                                   ekr@xxxxxxxx]
                http://www.rtfm.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- Re: [Full-Disclosure] OpenSSH - is X-Force really behind this?
  - From: Michal Zalewski

Prev by Date: Re: [Full-Disclosure] Re: Pudent default security
Next by Date: Re: [Full-Disclosure] Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly)
Previous by thread: Re: [Full-Disclosure] OpenSSH - is X-Force really behind this?
Next by thread: [Full-Disclosure] Is Marty Lying?
Index(es):
- Date
- Thread