Re: Apache Worm?

From: Raistlin (raistlinat_private)
Date: Fri Jun 21 2002 - 04:46:00 PDT

  • Next message: Marc Slemko: "Re: apache chunked encoding"

    > Correct, reporting a vulnerability is the right thing to do, we are in
    > raging agreement.  But purposely *NOT* contacting the vendors involved
    > because for some stupid immature reason your "don't trust them" and then
    > doing a press release on the vulnerability is not the right thing to do.
    
    Expecially if you provide a patch which doesn't patch correctly the bug.
    
    Bad move indeed, ISS.
    
    Stefano "Raistlin" Zanero
    System Administrator Gioco.Net
    public PGP key block at http://gioco.net/pgpkeys
    



    This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 10:36:41 PDT