BugTraq
Back to list
|
Post reply
Re: Invision Board spoof and defacement
Aug 05 2003 07:31PM
matt ibforums com
In-Reply-To: <20030804002946.4431.qmail (at) www.securityfocus (dot) com [email concealed]>
You've got to be kidding me?
>The vendor hasn't been notified because of their
>handling of previous vulnerabilties I found in Invision
>Board
I am extremely responsible with regards to security and in most
cases I've had a fix ready and available within 30 minutes of
receiving note of a vulnerability.
I take a dim view of posting exact details of vulnerabilities before
people have a chance to patch their board and I take a dim view of
needlessly alarming people with almost trivial matters, such as
this.
If you find a vulnerability in a program and you post details of
how to exploit it without notifying the vendor then that is very
irresponsible indeed.
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
You've got to be kidding me?
>The vendor hasn't been notified because of their
>handling of previous vulnerabilties I found in Invision
>Board
I am extremely responsible with regards to security and in most
cases I've had a fix ready and available within 30 minutes of
receiving note of a vulnerability.
I take a dim view of posting exact details of vulnerabilities before
people have a chance to patch their board and I take a dim view of
needlessly alarming people with almost trivial matters, such as
this.
If you find a vulnerability in a program and you post details of
how to exploit it without notifying the vendor then that is very
irresponsible indeed.
[ reply ]