Dear Sirs, In regard to your posted advisories on your site http://www.secunia.com and in particular, your "solutions" added to official bugtraq reports as seen in... http://www.secunia.com/advisories/8768/ http://www.secunia.com/advisories/8725/ Why do you insist on trying to give solutions to posted vulnerabilities without first checking with the author. You have done this twice to my posts now. You solutions are not only inacurate, but you fail to add that your solution is your opinion and not that of the discoverer of the original vulnerability. I belive you have retracted another one of my discoveries for that which you provide a "solution" http://www.secunia.com/advisories/8716/ and we asked at that time that you do not conjure up any "solution" and have it appear that it is a tested solution verified by the poster. If you wish to add a comment, or showcase your expertise, I suggest first making clear that the opinions expresed are that of http://www.secunia.com and not the original author, and that your "solution" is acurate ( not one has been a correct fix, or pertain to the core issue ) or contacting the author to verify your information. Thank you, morning_wood http://exploit.wox.org http://frame4.com Security Systems _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Sun May 18 2003 - 12:37:57 PDT