Full Disclosure mailing list archives
Re: Symantec ActiveX control buffer overflow
From: Cesar <cesarc56 () yahoo com>
Date: Tue, 24 Jun 2003 11:50:11 -0700 (PDT)
I didn't post it to bugtraq, anyways they would hide the advisory until a fix were ready, this is a common practice in some SecurityFocus mailing lists. I won't post anymore advisories to SecurityFocus mailing lists, they use to not aprove my posts so f*ck them. One time they ask me to give them some bug details and post it to bugtraq and i didn't accept, then when i wanted to post the bug advisory they didn't aprove my post. Also SecurityFocus is a Symantec company and Symantec is member of oisafety group so in future bugtraq will be full of old news if Symantec will lead by example about the 30-day grace period and all that ... It took me 1 minute to find the bug, i wonder if Symatec is a security company they should be more serious, shouldn't they?. Cesar. --- Georgi Guninski <guninski () guninski com> wrote:
Cesar wrote:Vendor Status : I really sorry Symantec i forgot about the 30-day grace period (see "Security VulnerabilityReportingand Response Process", http://www.oisafety.org/process.html), also iforgotto report it :) This is really funny Symantec try to protect usersandthey intruduce dangerous ActiveX controls in users computers. I think that maybe this control shouldbeinroduced in Norton virus list :). I wonder ifthisadvisory will be on Security Focus news or vulnerability database.Did you post this to bugtraq, can't see it there? There is funny self promoting msg on bugtraq from symantec regarding this bug. georgi
__________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Symantec ActiveX control buffer overflow Cesar (Jun 22)
- Re: (Updated) Symantec ActiveX control buffer overflow Cesar (Jun 23)
- Re: Symantec ActiveX control buffer overflow Georgi Guninski (Jun 24)
- Re: Symantec ActiveX control buffer overflow Cesar (Jun 24)