Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Questions about reporting a vulnerability

From: "xyberpix" <xyberpix () xyberpix com>
Date: Fri, 29 Apr 2005 10:54:13 +0100 (BST)
Hey All,

Couple of questions on reporting vulnerabilities:

1) Is there a damn template somewhere that can be used, as I'm pretty sure
there was at one point, and I can't seem to find it? If so, could someone
please let me know where this is located?

2) Is it worth sending something out like a cookie storing usernames and
passwords in clear text for a major vendor's piece of software?

3) What's the correct procedure to go through reporting a vulnerability?

If all of these questions can be answered with one simple link, can
someone please paste it, as I really need to know this info soon.

TIA

xyberpix

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: