[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
- To: <full-disclosure@xxxxxxxxxxxxxxxxx>, <trbilbro@xxxxxxxxxxx>
- Subject: Re: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
- From: <0x80@xxxxxxx>
- Date: Fri, 28 Apr 2006 00:57:47 -0700
Blah blah blah... shut the fuck up whiner.
Mr. C.I.S.S.P... Mr. M.C.S.E
What the fuck do you know about working with vendors and
vulnerabilities? Jack and shit.. that is what you know.
You want a service.. then fuckin pay for it newb.
On Wed, 26 Apr 2006 08:06:09 -0700 Tim Bilbro
<trbilbro@xxxxxxxxxxx> wrote:
>You do a disservice to all IT shops by announcing these
>vulnerabilities
>before contacting the vendor. I am sure it would not generate as
>much
>web traffic to your site, but it is only fair and right to allow
>at
>least some amount of time for the vendor to respond. If you think
>you
>are helping, you are wrong. Would you go around town checking
>which
>stores are unlocked at night and then publish the list in the news
>before letting the shop owners know? That's pretty much what you
>are
>doing. It's just not helping. There is no proof that it is either.
>
>Tim Bilbro
>Information Security Specialist
>CISSP, MCSE
>trbilbro@xxxxxxxxxxx
>web: www.bloglines.com/blog/Bilbro
>RSS: www.bloglines.com/blog/Bilbro/rss
Concerned about your privacy? Instantly send FREE secure email, no account
required
http://www.hushmail.com/send?l=480
Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/