[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Vendor non-acknowledgement



On Tue, Sep 30, 2003 at 09:37:53AM -0500, Kent A wrote:

> Novell recently put out security release 
> (http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087316.htm) 
> based upon my notifications to them.  Do most vendors acknowledge 
> security professionals that bring vulnerabilities to them? 

I can understand that a company such as Novell doesn't want to credit
"Kent A <bowulf@myrealbox.com>" with the discovery of a software
vulnerability.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html