Full Disclosure mailing list archives

Re: Facebook Attach EXE Vulnerability

From: Peter Dawson <slash.pd () gmail com>
Date: Fri, 28 Oct 2011 12:19:50 -0400

oh ok..i c ur point.. if they did tell him to wait and he failed their NDA..
then its an issue

/pd


On Fri, Oct 28, 2011 at 12:04 PM, Pablo Ximenes <pablo () ximen es> wrote:

 Agreed. What I'm asking is whether Facebook did ask him to wait. Did it?
If it did it's a whole different ball game.


Pablo Ximenes
http://ximen.es/
http://twitter.com/pabloximenes

Em 28/10/2011, às 13:01, Peter Dawson <slash.pd () gmail com> escreveu:

   I dont  think that he waited for vendor to confirm fix in production
and I dont see a reason that he needs to wait . If FB did not ask him to
refrain from disclosure.. y shld  he ?

09/30/2011 Reported Vulnerability to the Vendor
10/26/2011 Vendor Acknowledged Vulnerability
10/27/2011 Publicly Disclosed

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Facebook Attach EXE Vulnerability Nathan Power (Oct 27)
- Re: Facebook Attach EXE Vulnerability Joshua Thomas (Oct 27)
  - Re: Facebook Attach EXE Vulnerability Pablo Ximenes (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Guilherme Scombatti (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Peter Dawson (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Pablo Ximenes (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Peter Dawson (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Nathan Power (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Pablo Ximenes (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Dave (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Nathan Power (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Ulises2k (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Laurelai (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Valdis . Kletnieks (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Laurelai (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Jeffrey Walton (Oct 28)
    - Re: Facebook Attach EXE Vulnerability Nathan Power (Oct 29)

(Thread continues...)