Full Disclosure mailing list archives
Re: Command Injection Vulnerability in stat.qwest.net - OFFTOPIC
From: Blue Boar <BlueBoar () thievco com>
Date: Fri, 22 Aug 2003 09:18:58 -0700
Kurt Seifried wrote:
Why are you telling us this? How does it affect anyone, but qwest, who you notified, and who fixed it. Do we now send out a security advisory every time we notify sometime to disable a vulnerable service (sir, you have telnet enabled). This is getting ridiculous.
Couple of points: It may be nice to know the track record of a company even though the problem has been fixed. Also, QWest isn't the only ISP that uses Looking Glass...
BB _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Command Injection Vulnerability in stat.qwest.net Dan Daggett (Aug 21)
- Re: Command Injection Vulnerability in stat.qwest.net - OFFTOPIC Kurt Seifried (Aug 22)
- Re: Command Injection Vulnerability in stat.qwest.net - OFFTOPIC Blue Boar (Aug 22)
- Re: Command Injection Vulnerability in stat.qwest.net - OFFTOPIC Kurt Seifried (Aug 22)