mailing list archives
Re: GREENAPPLE Release
From: Loptr Chaote <loptr.chaote () gmail com>
Date: Sat, 12 Feb 2005 20:29:05 +0100
On Fri, 11 Feb 2005 19:20:11 -0500, Byron L. Sonne <blsonne () rogers com> wrote:
This is a quick announcement that the recent Microsoft patch (MS-05- has
fixed a vulnerability I found a while back in SMB.
This vuln that you found 'a while back', did you mention anything about
it then or have you just conveniently kept it to yourself until now?
Doesn't sound like full disclosure to me.
I thought Full Disclosure propagators actually endorsed waiting for a
vendor to fix the vulnerability before announcing a security hole..
On the other hand what do I know? My hat is black.
Full-Disclosure - We believe in it.