<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Dailydave: Re: A really bad month for Novell

Re: A really bad month for Novell

From: Steven M. Christey <coley_at_mitre.org>
Date: Thu, 7 Dec 2006 17:23:12 -0500 (EST)

"Anton Chuvakin" <anton_at_chuvakin.org> said:

>Wow, did something happen in the world and I totally missed it? Is
>this what they call a "best practice" (yak!) now...? 1 year and 3
>months to report a vuln to a vendor...

You sometimes see these kinds of tidbits in iDEFENSE advisories, too.
I'm not sure of the reason for it, although maybe there's a delay
while they verify if the issue is real, and/or figure out who to
notify at the vendor. Which I know many researchers can relate to :)

- Steve
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Dec 07 2006

This message: [ Message body ]
Next message: Steven M. Christey: "Re: Remote language detection"
Previous message: Aaron: "[enumeration vulnerability] Mobile IP, dynamics mip implementation, and you"
Maybe in reply to: Dude VanWinkle: "Re: A really bad month for Novell"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos