On Mon, 8 Nov 1999, Brock Tellier wrote: > In preparing for this advisory release, I checked for "seyon" vulnerabilities > in the bugtraq archives. I found that the exploit I had developed had already > been discussed in May 1997. However, this does not change the fact that the > current version of FreeBSD still ships a vulnerable version with vulnerable > privs. I believe this is still worth noting. Here is my advisory as it was > to be published before the previous vulnerability came to light. <not speaking on behalf of FreeBSD> It would be nice if you: (a) filed a pr using send-pr(1) or the web interface or (b) contacted security-officerat_private or (c) sent mail to the maintainer of the port to provide some sort of fighting chance before mailing Bugtraq. I'm a huge bugtraq/full-disclosure advocate, but I also believe in giving a group a fighting chance to fix it first. Thanks, -- - bill fumerola - billf@chc-chimes.com - BF1560 - computer horizons corp - - ph:(800) 252-2421 - bfumerolat_private - billfat_private -
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:10:46 PDT