Full Disclosure mailing list archives

Re: Clarification on Xitami DoS


From: full-disclosure () lists netsys com (Steven M. Christey)
Date: Mon, 5 Aug 2002 20:53:02 -0400 (EDT)

I said:

This thread is a good demonstration for why vendors need to be
responsive to incoming vulnerability reports... Greater overall
responsiveness by vendors is covered heavily by section 3 of the
Responsible Vulnerability Disclosure Process draft

Georgi Guninski said:

In my opinion bundling bad stuff and good stuff in one document does
not make the whole document good.

I hope that we can restructure the next version of the document so
that recommendations for vendor responsiveness are somewhat separate
from the proposed disclosure process.  That way, vulnerability
researchers/notifiers could point to particular parts of the
disclosure document to give them some "backup," even if they do not
agree with other parts of the document.

- Steve

