Article on Full Disclosure

From: Alfred Huger (ah@securityfocus.com)
Date: 10/22/01 

Date: Mon, 22 Oct 2001 11:30:06 -0600 (MDT)
From: Alfred Huger <ah@securityfocus.com>
To: <pen-test@securityfocus.com>
Subject: Article on Full Disclosure
Message-ID: <Pine.GSO.4.30.0110221126570.24702-100000@mail>

Hey folks,

As most of you know recently MS released a paper about Full Disclosure and
responsible disclosure. Both of these issues ultimately impact the
penetration testing world quite heavilly. Elias Levy has written a
responsorial article which I suspect will be of interest to folks here who
are in the pen-testing field.

http://www.securityfocus.com/news/270

Cheers,
-al

VP Engineering
SecurityFocus
"Vae Victis"

----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Relevant Pages

  • full disclosure article
    ... from pen-test: ... Subject: Article on Full Disclosure ... Hey folks, ... responsible disclosure. ...
    (Security-Basics)
  • Press Release Response
    ... > A Call for Responsible Disclosure Guidelines for the Information Security ... how quickly the worm would propagate and even the ...
    (NT-Bugtraq)
  • [Full-disclosure] Fwd: Are Bug Disclosures Helping or Hurting?
    ... report released today, which found that 80 percent of all ... within 24 hours of official vulnerability disclosure, ... have full disclosure," she told InternetNews.com. ... "Certainly the concept of responsible disclosure ...
    (Full-Disclosure)
  • Novell volume changing?
    ... We are pen-testing a Novel 5.x webserver with the source page disclosure ... aren't able to get to jump from SYS: to ANOTHER: ... This list is provided by the SecurityFocus Security Intelligence Alert ... For more information on SecurityFocus' SIA service which ...
    (Pen-Test)
  • Re: [Full-disclosure] Re: Call for new mailing lists @ SecurityFocus (X-POST)
    ... Do you mean symantec first checks every message which causes a delay? ... it's called delayed disclosure and it's called ... > information which used to be free before securityfocus 'went commercial' ... Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org ...
    (Full-Disclosure)