Re: [Full-disclosure] Fw: Earth to Facebook
- From: Michal Zalewski <lcamtuf@xxxxxxxxxxx>
- Date: Mon, 19 Mar 2012 10:28:40 -0700
The only other people that see the vulnerability are the select few in
upSploit.
OK. You should probably document that, and make it clear that this
policy will not change without the reporter's explicit consent.
It's an interesting project - but you guys are working for security
software vendors and security consultancies, so I think it's important
to clarify.
Use it once for something you may not care about to much and see how it
works for you.
Well, that's not the point - the real question is what happens with
valuable vulnerabilities. But really, I'm not criticizing.
/mz
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- Re: [Full-disclosure] Fw: Earth to Facebook
- From: upsploit advisories
- Re: [Full-disclosure] Fw: Earth to Facebook
- From: Michal Zalewski
- Re: [Full-disclosure] Fw: Earth to Facebook
- From: upsploit advisories
- Re: [Full-disclosure] Fw: Earth to Facebook
- Prev by Date: [Full-disclosure] LiteSpeed <= 4.1.11 Admin panel XSS
- Next by Date: Re: [Full-disclosure] The Mystery of the Duqu Framework
- Previous by thread: Re: [Full-disclosure] Fw: Earth to Facebook
- Next by thread: [Full-disclosure] Android wipe unreliable
- Index(es):
