|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[Full-Disclosure] Re: The Cult of a Cardinal Number
From: Mark Lowes (hamster
proftpd.org)
Date: Wed Mar 03 2004 - 03:36:47 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 2004-03-02 at 05:37, Phantasmal Phantasmagoria wrote:
> - ---- Final thoughts ----------------
> It is difficult, if not impossible, to please every group of the security
> community when releasing information pertaining to a vulnerability. Some
> will say that I should of contacted the vendor, some will say I should
> of kept the bug to myself, some will say I should of released exploit
> code. I can only offer one account; The Cult of a Cardinal Number has
> finished. It was found, exploited, and patched. And it has finished.
A cc of this email to securityproftpd.org would have been appreciated
if you felt the need not to give any prior warning to the team so
problematic versions could be removed from the ftp archives and/or
patched.
Mark Lowes
--
Mark Lowes <hamsterproftpd.org>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]