Vulnerability Development mailing list archives
Decision
From: Peteris Krumins <newsgroups () lf lv>
Date: Thu, 5 Jun 2003 03:50:58 +0300
Hello, I have run into a hard decision - i just dicovered a bug in <someserver> which <some large company> runs and is only accessible to the clients of <the company> - it's an auth server, somewhere tied together with Cisco router w/ SSG and RADIUS authentication. Due to bug, any source file can be read and the <the company> has spent thousands of $ for making the system. Whats the best - report the bug and possible workarounds or let it stay? What i am nervous of is that the <the company> could 'kick' me later for seeing the sources. P.Krumins
Current thread:
- Decision Peteris Krumins (Jun 05)
- Re: Decision Zow (Jun 05)
- Re: Decision Daan van de Linde (Jun 05)
- Re: Decision Mike Caudill (Jun 06)