|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
titon
bastardlabs.com
Date: Thu Jun 05 2008 - 02:06:56 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
>This one seems exactly the same vulnerability I disclosed in February
>2008 and for which I wrote also a testing attack (number 7) in my
>doubletakedown proof-of-concept [...blah blah...]
Good for you, but you do realize that the bug was reported to
the vendor in May 2007. You were just 8 months too late...
But since you seem so eager to get some attention, I give you
the credit of dropping a POC for an unpatched vuln into FD without
even trying to contact the vendor... Well done !
--- [...SNIP...] ---
Disclosure Timeline:
2007-05-22 - Vulnerability reported to vendor
2008-06-04 - Coordinated public release of advisory
--- [...SNIP...] ---
titon.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]