Full Disclosure mailing list archives

Re: ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability

From: Christian Kujau <lists () nerdbynature de>
Date: Wed, 24 Jan 2007 20:43:14 +0000 (GMT)

On Wed, 24 Jan 2007, zdi-disclosures () 3com com wrote:

-- Disclosure Timeline:
2005.07.07 - Pre-exiting Digital Vaccine released to TippingPoint
customers
2006.10.02 - Vulnerability reported to vendor
2007.01.24 - Coordinated public release of advisory


out of curiosity: why took it 1+ year to report this vulneralbility to 
the vendor?

-- 
BOFH excuse #366:

ATM cell has no roaming feature turned on, notebooks can't connect

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability zdi-disclosures (Jan 24)
- Re: ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability Christian Kujau (Jan 24)
  - Re: ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability Jason Areff (Jan 24)
    - Re: ZDI-07-006: Citrix Metaframe Presentation Server Print Provider Buffer Overflow Vulnerability Col (Jan 25)