Full Disclosure mailing list archives
Re: Why the censorship?
From: "jamesleesmith67 () aol co uk" <jamesleesmith67 () aol co uk>
Date: Sun, 30 Aug 2009 10:04:43 -0400
There is no censorship on Full-disclosure. Oh, we banned n3td3v didn't we? Wooooops. -----Original Message----- From: security curmudgeon <jericho () attrition org> To: webmaster () neohapsis com Cc: full-disclosure () lists grok org uk Sent: Sun, Aug 30, 2009 7:56 am Subject: [Full-disclosure] Why the censorship? (was re: Inquira: Multiple Vulnerabilities) Hi Neohapsis, The mail to Full-disclosure on Mar 20, 2009 has been edited on the archives of Neohapsis: http://archives.neohapsis.com/archives/fulldisclosure/2009-03/0326.html Every occurrence of "Inquira" has been redacted. Since the original disclosure suggests the vendor was contacted, and chose not to reply, it is curious that their name would be removed from your archive. Could you explain why, or at the very least share what I suspect was a C&D style letter demanding their name be removed? I ask because other archives do not redact their name for whatever reason: http://seclists.org/fulldisclosure/2009/Mar/0300.html http://marc.info/?l=full-disclosure&m=123753854425289&w=2 http://www.derkeiler.com/Mailing-Lists/Full-Disclosure/2009-03/msg00300.html http://www.opensubscriber.com/message/full-disclosure () lists grok org uk/11725824.html [..] - security curmudgeon ---------- Forwarded message ---------- From: Kristian Erik Hermansen <kristian.hermansen () gmail com> To: full-disclosure () lists grok org uk Date: Fri, 20 Mar 2009 01:34:28 -0700 Subject: [Full-disclosure] Inquira: Multiple Vulnerabilities Bonjour, During a recent penetration test, we discovered and worked with Inquira to close numerous web-based issues. The vendor has not replied back about a formal release of these issues, so I am posting this notice here to inform customers to check for an update for their products. You can contact Inquira via the link below. http://www.inquira.com/ Additionally, it is also advised that customers change the default passwords used by the affected software. For instance, the default Apache Tomcat administrator account details are listed below and should probably be added to publicly listed default password databases (phenoelit, etc). Vendor: Inquira Products: (multiple) Username: inquira Password: inquira123 Cheers, -- Kristian Erik Hermansen http://www.linkedin.com/in/kristianerikhermansen _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Why the censorship? (was re: Inquira: Multiple Vulnerabilities) security curmudgeon (Aug 30)
- Re: Why the censorship? jamesleesmith67 () aol co uk (Aug 30)