Full Disclosure mailing list archives
Re: Re: Anyone know IBM's security address? + Google Hack
From: Florian Weimer <fw () deneb enyo de>
Date: Mon, 09 Aug 2004 18:36:58 +0200
* Aaron Gray:
It turns out I was going about the process of vulnerability notification all wrong. I should have gone to the United States Computer Emergency Readiness Team to report them. The US-CERT home page provides an email address cert () cert org for reporting vulnerabilities. If you use it, you will receive more detailed instructions on how to complete this form.
Before submitting *anything* to CERT/CC, be sure to review their information sharing policies. Last time I checked, their documented policy was to share _everything_ with paying customers unless you explicitly requested that information is dealt with on a need-to-know basis. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: Re: Anyone know IBM's security address? + Google Hack Aaron Gray (Aug 07)
- Re: Re: Anyone know IBM's security address? + Google Hack Jason Coombs PivX Solutions (Aug 07)
- Re: Re: Anyone know IBM's security address? + Google Hack Aaron Gray (Aug 08)
- Re: Re: Anyone know IBM's security address? + Google Hack Florian Weimer (Aug 09)
- <Possible follow-ups>
- Re: Re: Anyone know IBM's security address? + Google Hack vesselen.mironov (Aug 07)
- Re: Re: Anyone know IBM's security address? + Google Hack Peter Besenbruch (Aug 07)
- Re: Re: Anyone know IBM's security address? + Google Hack Jason Coombs PivX Solutions (Aug 07)