BugTraq
ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Nov 29 2006 05:10PM
zdi-disclosures 3com com (1 replies)
Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Nov 30 2006 01:02PM
Dude VanWinkle (dudevanwinkle gmail com) (1 replies)
Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Dec 01 2006 12:27AM
zdi-disclosures 3com com (1 replies)
Re: [Full-disclosure] ZDI-06-043: Novell Netware Client Print Provider Buffer Overflow Vulnerability Dec 01 2006 01:52AM
Dude VanWinkle (dudevanwinkle gmail com)
On 11/30/06, zdi-disclosures (at) 3com (dot) com [email concealed] <zdi-disclosures (at) 3com (dot) com [email concealed]> wrote:
> Thanks for pointing this out JP, it does in fact look confusing. We
> determined during the Digital Vaccine filter creation process that a
> previously released filter was robust enough to block the attack without
> further modification and the vendor was immeditately notified.

NP,

I would clarify that in future notifications. i.e.: "tippingpoint
customers have been
protected from attacks of this kind since xyz date by GenericFilterX". Then
you could list the time lines for discovered/acquired, vendor
notification, patch released from vendor, and finally; public
disclosure.

-JP

[ reply ]
 

Privacy Statement
Copyright 2010, SecurityFocus