Full Disclosure mailing list archives

Re: Vendor casual towards vulnerability found in product

From: George Capehart <capegeo () opengroup org>
Date: Wed, 26 May 2004 22:48:57 -0400

On Wednesday 26 May 2004 10:52 am, morning_wood wrote:

<snip>


some disclosure policys can be found at..

http://oisafety.org/
http://oisafety.org/process.html

http://exploitlabs.com/disclosure-policy.html
http://www.cert.org/kb/vul_disclosure.html
http://www.atstake.com/research/policy/
http://www.hut.fi/~tianyuan/slides/template/template.html


see also the granddaddy of disclosure policies:

http://www.wiretrip.net/rfp/policy.html

/g
-- 
George Capehart

capegeo at opengroup dot org

PGP Key ID: 0x63F0F642 available on most public key servers

"It is always possible to agglutenate multiple separate problems into a
 single complex interdependent solution.  In most cases this is a bad
 idea."  -- RFC 1925


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Vendor casual towards vulnerability found in product stevenr (May 26)
- Re: Vendor casual towards vulnerability found in product Gadi Evron (May 26)
- Re: Vendor casual towards vulnerability found in product Harlan Carvey (May 26)
- Re: Vendor casual towards vulnerability found in product morning_wood (May 26)
  - Re: Vendor casual towards vulnerability found in product George Capehart (May 26)
- RE: Vendor casual towards vulnerability found in product Aditya, ALD [Aditya Lalit Deshmukh] (May 26)