Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Irresponsible Disclosure
Jon Lasser, 2002-06-26

Internet Security Systems violated community standards and common sense with its surprise Apache bug announcement.

Comments Mode:
Irresponsible Disclosure 2002-06-26
Anonymous (1 replies)
Irresponsible Disclosure 2002-06-28
Anonymous
Irresponsible Disclosure 2002-06-26
joe90@hushmail.com
Irresponsible Disclosure 2002-06-27
Please please please get a new UNIX writer! (7 replies)
Are you working for ISS ? 2002-06-27
nimp
Irresponsible Disclosure 2002-06-27
Anonymous
Re: Replace him! he disagrees with me and I know it all! 2002-06-27
epizz@ba.net (1 replies)
Re: Replace him! he disagrees with me and I know it all! 2002-06-28
Anonymous
Irresponsible Disclosure 2002-06-27
Anonymous
Anon poster is an "Irresponsible Disclosure" 2002-06-27
Anonymous
Irresponsible Disclosure 2002-06-29
Tired of loud mouth open source freaks (1 replies)
Irresponsible Disclosure - TO "Tired of loud-mouth open source freaks" 2002-07-01
Anonymous
Irresponsible Disclosure 2002-06-29
Anonymous
Damned if you do, damned if you don't 2002-06-27
TL (1 replies)
Damned if you do (irresponsibly), damned if you don't (ever) 2002-06-28
Tor Slettnes
Irresponsible Disclosure 2002-06-27
Anonymous
The shoe is on the other foot 2002-06-27
Anonymous (10 replies)
The shoe is on the other foot..but just barely. 2002-06-27
K.M. Ellis
The shoe is on the other foot 2002-06-27
Brian
The shoe is on the other foot 2002-06-27
Anonymous
The shoe is on the other foot 2002-06-28
Anonymous
Are you working for Microsoft ? 2002-06-28
no 6
The shoe is on the other foot 2002-06-28
Anonymous
The shoe is on the other foot 2002-06-29
Anonymous
The shoe is on the other foot 2002-06-29
Anonymous
The shoe is on the other foot 2002-06-29
pseudoAnonymous
...but where should the foot be put? 2002-07-02
Andy Wood
Penalties 2002-06-27
Anonymous
Irresponsible Disclosure 2002-06-28
System Engineer in UK
Irresponsible Disclosure 2002-06-28
Anonymous
I think people were quick to jump on the bandwagon pointing fingers at ISS. Yes, they did release this advisory a little irresponsibly, but what if they kept this bug for themselves? Other researchers found the same bug, but we all (Apache users) could have been left vulnerable to this bug and all it would have taken is some #!darknet 0-day junkie to write a small script that would automatically compromise systems and spread itself to other systems. I think ISS will disclose future bugs more responsibly.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/91/13336#13336
Irresponsible Disclosure -- CYA 2002-06-28
Anonymous
hehehe ! apachi is next victim 2002-06-29
ICMP_Z@yahoo.com (1 replies)
hehehe ! apachi is next victim 2002-07-01
Anonymous
what i think about ms... 2002-07-03
Lysergsäurediethylamid







 

Privacy Statement
Copyright 2009, SecurityFocus