mailing list archives
Re: Nokia firewalls
From: "King, Iain" <Ext-Iain.King () NOKIA COM>
Date: Wed, 29 Nov 2000 00:35:59 +0200
PS. The only contact I have for Nokia is
info.ipnetworking_americas () nokia com, I don't believe that this mailbox
would have given this information proper handling, my hope is that
somebody @ Nokia will either be on this list or somebody will know
actually how to contact this vendor. And as I allready stated, this is
a pretty low-priorty vulnerability, requireing an authenticated user.
However, if they had a ssl site or did not have clear text TELNET
authentication by default it would make me feel much better.
Im on this list, and though I'm not an employee of Nokia Security.. I have
informed them of your post.
I'd expect to see an official reply some time soon.
I guess you have considered to inform the manufacturer? So why post it
here at this point?
PS: I would encourage to use normal disclosure procedures giving the
manufacturer 5 working days for such issues.
I agree completely, and I think that people should spend at least 5 minutes
looking for a contact mail..
for eg: on the nokia website, www.nokia.com theres a link to security
appliance, which contains such
address' for "Further Information".
IM EUS Unix Specialist
Nokia Telecommunications, MPD/APAC
- Re: Nokia firewalls King, Iain (Nov 30)