[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Vendor casual towards vulnerability found in product

To: <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] Vendor casual towards vulnerability found in product
From: George Capehart <capegeo@xxxxxxxxxxxxx>
Date: Wed, 26 May 2004 22:48:57 -0400

On Wednesday 26 May 2004 10:52 am, morning_wood wrote:

<snip>

>
> some disclosure policys can be found at..
>
> http://oisafety.org/
> http://oisafety.org/process.html
>
> http://exploitlabs.com/disclosure-policy.html
> http://www.cert.org/kb/vul_disclosure.html
> http://www.atstake.com/research/policy/
> http://www.hut.fi/~tianyuan/slides/template/template.html

see also the granddaddy of disclosure policies:

http://www.wiretrip.net/rfp/policy.html

/g
-- 
George Capehart

capegeo at opengroup dot org

PGP Key ID: 0x63F0F642 available on most public key servers

"It is always possible to agglutenate multiple separate problems into a
 single complex interdependent solution.  In most cases this is a bad
 idea."  -- RFC 1925

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Vendor casual towards vulnerability found in product
  - From: stevenr
- Re: [Full-Disclosure] Vendor casual towards vulnerability found in product
  - From: morning_wood

Prev by Date: Re: [Full-Disclosure] Re: Cisco's stolen code
Next by Date: Re: [Full-Disclosure] Re: Cisco's stolen code
Previous by thread: Re: [Full-Disclosure] Vendor casual towards vulnerability found in product
Next by thread: RE: [Full-Disclosure] Vendor casual towards vulnerability found in product
Index(es):
- Date
- Thread