Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Secunia illegal spam and advisory republication
From: A.L.M.Buxey () lboro ac uk
Date: Thu, 20 Apr 2006 21:40:08 +0100


If they are rewording advisories, then they are revealing information 
which was not secret.  Assuming that they are in fact claiming the 
discovery as their own (I haven't checked this myself), I'd consider that 
dishonest, but I don't know it would be considered a copyright violation. 
Perhaps plagiarism.

they are not [claiming the discovery as theirs] in any way. n3td3v is talking
absolute rubbish. anyone with a single brain cell can simply visit Secunias site
and check their vulnerability database. lets take a random example...<tap tap
clickety click>

PCPIN Chat SQL Injection and Local File Inclusion Vulnerabilities
rgod has discovered two vulnerabilities in PCPIN Chat, which...<snip>
Provided and/or discovered by:

Original Advisory:

and then their little footnote:

Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and 


there. thats 4 different places where they note that they are not the discoverers
and that it was someone elses work. they give credit at least twice. 

as for this list being sponsored by Secunia. did n3td3v not actually READ the list
at all before subscribing or posting to it?  who wouldn't take such preliminary cautions?


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]