Re: [Full-Disclosure] Vendor non-acknowledgement
From: Giovanni Bobbio (giovanni_at_communicationvalley.it)
Date: 09/30/03
- Previous message: Stormwalker: "Re: [Full-Disclosure] More on Dan Geer"
- In reply to: Florian Weimer: "Re: [Full-Disclosure] Vendor non-acknowledgement"
- Next in thread: Nicob: "Re: [Full-Disclosure] Vendor non-acknowledgement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: full-disclosure@lists.netsys.com Date: Tue, 30 Sep 2003 19:02:20 +0200
On Tuesday 30 September 2003 18:07, Florian Weimer wrote:
> On Tue, Sep 30, 2003 at 09:37:53AM -0500, Kent A wrote:
> > Novell recently put out security release
> > (http://support.novell.com/cgi-bin/search/searchtid.cgi?/10087316.htm)
> > based upon my notifications to them. Do most vendors acknowledge
> > security professionals that bring vulnerabilities to them?
>
> I can understand that a company such as Novell doesn't want to credit
> "Kent A <bowulf@myrealbox.com>" with the discovery of a software
> vulnerability.
I don't understand it, could you explain your rationale?
And we don't really know whether he identified himself as Kent A or Mickey
Mouse or...
Giovanni
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Stormwalker: "Re: [Full-Disclosure] More on Dan Geer"
- In reply to: Florian Weimer: "Re: [Full-Disclosure] Vendor non-acknowledgement"
- Next in thread: Nicob: "Re: [Full-Disclosure] Vendor non-acknowledgement"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
