Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Irresponsible Disclosure
Jon Lasser, 2002-06-26

Internet Security Systems violated community standards and common sense with its surprise Apache bug announcement.

Comments Mode:
Irresponsible Disclosure 2002-06-26
Anonymous (1 replies)
Irresponsible Disclosure 2002-06-28
Anonymous
Irresponsible Disclosure 2002-06-26
joe90@hushmail.com
Irresponsible Disclosure 2002-06-27
Please please please get a new UNIX writer! (7 replies)
Are you working for ISS ? 2002-06-27
nimp
Irresponsible Disclosure 2002-06-27
Anonymous
Re: Replace him! he disagrees with me and I know it all! 2002-06-27
epizz@ba.net (1 replies)
Re: Replace him! he disagrees with me and I know it all! 2002-06-28
Anonymous
Irresponsible Disclosure 2002-06-27
Anonymous
Anon poster is an "Irresponsible Disclosure" 2002-06-27
Anonymous
Irresponsible Disclosure 2002-06-29
Tired of loud mouth open source freaks (1 replies)
Irresponsible Disclosure - TO "Tired of loud-mouth open source freaks" 2002-07-01
Anonymous
Irresponsible Disclosure 2002-06-29
Anonymous
Damned if you do, damned if you don't 2002-06-27
TL (1 replies)
Damned if you do (irresponsibly), damned if you don't (ever) 2002-06-28
Tor Slettnes
Irresponsible Disclosure 2002-06-27
Anonymous
The shoe is on the other foot 2002-06-27
Anonymous (10 replies)
The shoe is on the other foot..but just barely. 2002-06-27
K.M. Ellis
The shoe is on the other foot 2002-06-27
Brian
The shoe is on the other foot 2002-06-27
Anonymous
The shoe is on the other foot 2002-06-28
Anonymous
Are you working for Microsoft ? 2002-06-28
no 6
The shoe is on the other foot 2002-06-28
Anonymous
The shoe is on the other foot 2002-06-29
Anonymous
The shoe is on the other foot 2002-06-29
Anonymous
The shoe is on the other foot 2002-06-29
pseudoAnonymous
One vulnerability in 4.5 years compared to God know how many in IIS, and all the Microsofties come out of the woodwork.. If ISS had handled this incident the way they'd handle any Microsoft one, there wouldn't have been any problem. Instead, the dolts write a patch that doesn't work for many/most people, and then announce the problem to the world about six hours after alerting Apache. IIS's conduct seems to be the main source of alarm - not the bug. To be honest, I'd say their actions are completely indefensibe. But yes, the Microsofties will smile over this one. Does Microsoft have a strategic alliance with ISS?

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/91/13359#13359
...but where should the foot be put? 2002-07-02
Andy Wood
Penalties 2002-06-27
Anonymous
Irresponsible Disclosure 2002-06-28
System Engineer in UK
Irresponsible Disclosure 2002-06-28
Anonymous
Irresponsible Disclosure -- CYA 2002-06-28
Anonymous
hehehe ! apachi is next victim 2002-06-29
ICMP_Z@yahoo.com (1 replies)
hehehe ! apachi is next victim 2002-07-01
Anonymous
what i think about ms... 2002-07-03
Lysergsäurediethylamid







 

Privacy Statement
Copyright 2009, SecurityFocus