Full Disclosure mailing list archives
RE: Anyone know IBM's security address?
From: "Michael Scheidell" <scheidell () secnap net>
Date: Tue, 10 Aug 2004 10:36:09 -0400
5 days of no response should be enough.... -----Original Message----- From: Discini, Sonny [mailto:Sonny.Discini () montgomerycountymd gov] Sent: Tuesday, August 10, 2004 10:14 AM To: Jedi/Sector One; Michael Scheidell Cc: full-disclosure () lists netsys com; bugtraq () securityfocus com Subject: RE: Anyone know IBM's security address? I am currently having the same experience with IBM. Our team has discovered a crippling vulnerability (in a product in the Tivoli suite) and for months our IBM contacts have tried passing the buck if they respond at all. We plan on disclosing the vulnerability before long but we want to be sure that we run through the normal process before releasing the information to bugtraq. Sonny Discini Senior Network Security Engineer -----Original Message----- From: Jedi/Sector One [mailto:j () pureftpd org] Sent: Friday, August 06, 2004 5:42 PM To: Michael Scheidell Cc: full-disclosure () lists netsys com; bugtraq () securityfocus com Subject: Re: Anyone know IBM's security address? On Fri, Aug 06, 2004 at 05:11:19PM -0400, Michael Scheidell wrote:
Have a vulnerability in an IBM product. sent alert to security () ibm com secure () ibm com and cert () ibm com, all three bounced. Can anyone tell me the official address or procedure to
notify IBM?
For AIX-releated flaws, the contact is security-alert () austin ibm com For other products... good luck. I also have a vulnerability in an IBM product but I wasn't able to get in touch with anyone. Online forms told me to call a number that is unreachable outside USA. The AIX security officer told me he would find the right contact but I never got anything else since. -- __ /*- Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/"> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/"> Misc. free software </a> \/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Anyone know IBM's security address? Michael Scheidell (Aug 06)
- Re: Anyone know IBM's security address? Jedi/Sector One (Aug 06)
- Re: Re: Anyone know IBM's security address? Thomas Loch (Aug 06)
- Re: Re: Anyone know IBM's security address? Jean-Marie Monnier (Aug 07)
- Re: Re: Anyone know IBM's security address? jmpascual (Aug 06)
- Re: Re: Anyone know IBM's security address? Oliver () greyhat de (Aug 07)
- Re: Re: Anyone know IBM's security address? Thomas Loch (Aug 06)
- Re: Anyone know IBM's security address? troy (Aug 06)
- <Possible follow-ups>
- RE: Anyone know IBM's security address? Michael Scheidell (Aug 10)
- RE: Anyone know IBM's security address? Discini, Sonny (Aug 10)
- Re: Anyone know IBM's security address? Jedi/Sector One (Aug 06)