[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Vendor non-acknowledgement

To: full-disclosure@lists.netsys.com
Subject: Re: [Full-Disclosure] Vendor non-acknowledgement
From: Giovanni Bobbio <giovanni@communicationvalley.it>
Date: Tue, 30 Sep 2003 19:02:20 +0200

On Tuesday 30 September 2003 18:07, Florian Weimer wrote:
> On Tue, Sep 30, 2003 at 09:37:53AM -0500, Kent A wrote:
> > Novell recently put out security release
> > (http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087316.htm)
> > based upon my notifications to them.  Do most vendors acknowledge
> > security professionals that bring vulnerabilities to them?
>
> I can understand that a company such as Novell doesn't want to credit
> "Kent A <bowulf@myrealbox.com>" with the discovery of a software
> vulnerability.

I don't understand it, could you explain your rationale?
And we don't really know whether he identified himself as Kent A or Mickey 
Mouse or...

Giovanni

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Vendor non-acknowledgement
  - From: Kent A <bowulf@myrealbox.com>
- Re: [Full-Disclosure] Vendor non-acknowledgement
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: [Full-Disclosure] [RHSA-2003:291-01] Updated OpenSSL packages fix vulnerabilities
Next by Date: RE: [inbox] Re: [Full-Disclosure] CyberInsecurity: The cost of Mo nopoly
Previous by thread: Re: [Full-Disclosure] Vendor non-acknowledgement
Next by thread: Re: [Full-Disclosure] Vendor non-acknowledgement
Index(es):
- Date
- Thread