Full Disclosure mailing list archives
Re: iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT
From: "raj var" <secvar72 () hotmail com>
Date: Thu, 22 May 2003 16:56:31 -0500
12/31/2002 Issue disclosed to iDEFENSE 04/16/2003 E-mail sent to info () iisprotect com 04/16/2003 Response received from David Fearn of iisPROTECT 04/16/2003 Patch provided to iDEFENSE for verification 05/22/2003 Coordinated public disclosure
EMail sent and patch provided the same day. I hope iDefense had a few good reasons to hold on to this for over 100 days before even reporting it to the vendor.
SecVar _________________________________________________________________MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT raj var (May 24)
- <Possible follow-ups>
- Re: iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT mattmurphy () kc rr com (May 24)
- iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT iDEFENSE Labs (May 24)
- Re: iDEFENSE Security Advisory 05.22.03: Authentication Bypass in iisPROTECT Steven M. Christey (May 24)