[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] Notifying an institution about a vulnerability

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: [Full-Disclosure] Notifying an institution about a vulnerability
From: "Cliff Bamford" <bamford@xxxxxx>
Date: Sat, 22 Apr 2006 21:53:31 +0200

> i think you may exploit this vuln and get several SSN, and then email 
> to the institute to show the severity of your report.
>

In the US, doing that could get you into a ton of criminal and civil trouble
(I'm sad to say).
What steps did the original poster take to notify the institution, exactly?


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Who Do I Contact?
Next by Date: Re: [Full-disclosure] Who Do I Contact?
Previous by thread: RE: [inbox] Re: [EDU-ops] [Full-disclosure] Who Do I Contact?
Next by thread: Re: [Full-Disclosure] Notifying an institution about a vulnerability
Index(es):
- Date
- Thread