[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability

To: zdi-disclosures@xxxxxxxx
Subject: Re: [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
From: Christian Kujau <lists@xxxxxxxxxxxxxxx>
Date: Wed, 24 Jan 2007 20:43:14 +0000 (GMT)

On Wed, 24 Jan 2007, zdi-disclosures@xxxxxxxx wrote:
> -- Disclosure Timeline:
> 2005.07.07 - Pre-exiting Digital Vaccine released to TippingPoint
> customers
> 2006.10.02 - Vulnerability reported to vendor
> 2007.01.24 - Coordinated public release of advisory

out of curiosity: why took it 1+ year to report this vulneralbility to 
the vendor?

-- 
BOFH excuse #366:

ATM cell has no roaming feature turned on, notebooks can't connect

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
  - From: Jason Areff

References:
- [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
  - From: zdi-disclosures

Prev by Date: [Full-disclosure] [OPENADS-SA-2007-001] phpAdsNew and phpPgAds 2.0.9-pr1 vulnerability fixed
Next by Date: Re: [Full-disclosure] 0trace - traceroute on established connections
Previous by thread: [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
Next by thread: Re: [Full-disclosure] ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability
Index(es):
- Date
- Thread