Re: Apache Worm?

From: Raistlin (raistlinat_private)
Date: Fri Jun 21 2002 - 04:46:00 PDT

Next message: Marc Slemko: "Re: apache chunked encoding"

Previous message: Przemyslaw Frasunek: "Re: procmail heap overflow"
In reply to: hellNbak: "RE: Apache Worm?"
Next in thread: Blue Boar: "Re: Apache Worm?"
Next in thread: Valdis.Kletnieksat_private: "Re: Apache Worm?"
Reply: Blue Boar: "Re: Apache Worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> Correct, reporting a vulnerability is the right thing to do, we are in
> raging agreement.  But purposely *NOT* contacting the vendors involved
> because for some stupid immature reason your "don't trust them" and then
> doing a press release on the vulnerability is not the right thing to do.

Expecially if you provide a patch which doesn't patch correctly the bug.

Bad move indeed, ISS.

Stefano "Raistlin" Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys

Next message: Marc Slemko: "Re: apache chunked encoding"
Previous message: Przemyslaw Frasunek: "Re: procmail heap overflow"
In reply to: hellNbak: "RE: Apache Worm?"
Next in thread: Blue Boar: "Re: Apache Worm?"
Next in thread: Valdis.Kletnieksat_private: "Re: Apache Worm?"
Reply: Blue Boar: "Re: Apache Worm?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 21 2002 - 10:36:41 PDT