Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
The value of vulnerabilities
Jason Miller, 2006-03-07

There is value in finding vulnerabilities. Yet many people believe that a vulnerability doesn't exist until it is disclosed to the public. We know that vulnerabilities need to be disclosed, but what role do vendors have to make these issues public?

Submit Comment Mode:
Name:
Subject:
Message:
 
  Enter the characters that appear above
 
Another viewpoint - The value of vulnerabilities 2006-03-08
Robert E. Lee
> And, to clarify, I'm not saying that posting an exploit to Bugtraq before even contacting a vendor (or perhaps, just a few hours after contacting them) is responsible. It's not.

End users of publicly available applications are telling us that they want to be notified at the same time as vendor...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus