Re: [Full-disclosure] [VulnDiscuss] Re: -==phpBB 2.0.14 Multiple Vulnerabilities==-[Scanned]

[Dave Aitel <dave () immunitysec com>]

Paul Laudanski wrote:

> > Risk: Low Risk!!
> > Impact: Multiple Vulnerabilities.
> >
> >       -==phpBB 2.0.14 Multiple Vulnerabilities==-
> >    
>
> Unsure if its me, but I didn't see a vendor notification here?  Might be 
> because I'm so happy being a proud new dad, but, I thought proper 
> disclosure etiquette involved vendor notification and time to test 
> properly, and waiting for a patch to be released?
>
> Whatever happened to that?
>
>  
Nothing happened to that - it was never true. Those of us who find bugs 
would really appreciate it if every Microsoft MVP would stop 
astroturfing these lists about it too.

Thanks,
Dave Aitel
Immunity, Inc.