Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: MSIE (mshtml.dll) OBJECT tag vulnerability

From: <0x80 () hush ai>
Date: Fri, 28 Apr 2006 00:57:47 -0700
Blah blah blah... shut the fuck up whiner.

Mr. C.I.S.S.P... Mr. M.C.S.E

What the fuck do you know about working with vendors and 
vulnerabilities?  Jack and shit.. that is what you know.

You want a service.. then fuckin pay for it newb.

On Wed, 26 Apr 2006 08:06:09 -0700 Tim Bilbro 
<trbilbro () verizon net> wrote:

You do a disservice to all IT shops by announcing these 
vulnerabilities
before contacting the vendor. I am sure it would not generate as 
much
web traffic to your site, but it is only fair and right to allow 
at
least some amount of time for the vendor to respond. If you think 
you
are helping, you are wrong. Would you go around town checking 
which
stores are unlocked at night and then publish the list in the news
before letting the shop owners know? That's pretty much what you 
are
doing. It's just not helping. There is no proof that it is either.

Tim Bilbro
Information Security Specialist
CISSP, MCSE
trbilbro () verizon net
web: www.bloglines.com/blog/Bilbro
RSS: www.bloglines.com/blog/Bilbro/rss




Concerned about your privacy? Instantly send FREE secure email, no account required
http://www.hushmail.com/send?l=480

Get the best prices on SSL certificates from Hushmail
https://www.hushssl.com?l=485

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: