Bugtraq mailing list archives
Re: IBM TFTP Server for Java vulnerability
From: John Schultz <jschultz () coin org>
Date: Sat, 21 Jul 2001 14:36:04 -0500 (CDT)
On Fri, 20 Jul 2001, Patrick Medhurst wrote:
The vendor was contacted on 19 June 2001 and responded on 20 June 2001 as follows: "We will take a look at the issue and fix it as soon as possible". Further correspondence requesting when a fix will be released has been ignored.
Just because a company can't tell you immediately when a bug will be fixed, you say that you are being ignored and see fit to release an advisory? Do you have any idea how easy the problem will be to fix? Probably not, and I bet IBM would have to do some research first, finding out what code contains the problem, allocating developers, build personnel, and QA the fix before even they know when a fix will be out. Sheesh. John Schultz jschultz () coin org
Current thread:
- IBM TFTP Server for Java vulnerability Patrick Medhurst (Jul 20)
- Re: IBM TFTP Server for Java vulnerability John Schultz (Jul 23)
- Re: IBM TFTP Server for Java vulnerability David Howe (Jul 23)
- Re: IBM TFTP Server for Java vulnerability John Schultz (Jul 23)
- <Possible follow-ups>
- RE: IBM TFTP Server for Java vulnerability McHugh, Sean (Jul 23)
- Re: IBM TFTP Server for Java vulnerability John Schultz (Jul 23)