Bugtraq mailing list archives

Unqualified Postings

From: edi () GANYMED ORG (edi () GANYMED ORG)
Date: Tue, 2 Nov 1999 02:31:20 +0100


Hey,

Is Bugtraq the right forum to report stupid
overflows in yet another shareware win95 mail/ftp
server, fetched from huge commercial crapware
repositories like download.com / shareware.com / others?

Everyone can download the newest software, connect
and look what happens when you send 7321 a's
-- voila, the next advisory to Bugtraq is done.

Companies who pretend to do security research
(like ussr) should do better than that (at least
they switch their advisory template every second
time).

Where's the security risk? If the software is rarely
used, if no exploits are widespread, why bother
informing the security community about some buffer
just because it's too small.

Add an exploit if you want to gain popularity -
I personally do not encourage such postings here.

Edi

Current thread:

Amanda multiple vendor local root compromises Tellier, Brock (Oct 30)
- Re: Amanda multiple vendor local root compromises Ian Turner (Nov 01)
- Re: Amanda multiple vendor local root compromises Chris Tobkin (Nov 01)
  - Re: Amanda multiple vendor local root compromises Bill Fumerola (Nov 01)
- Re: Amanda multiple vendor local root compromises monti (Nov 01)
- Re: Amanda multiple vendor local root compromises Rob (Nov 01)
- Unqualified Postings edi () GANYMED ORG (Nov 01)
  - Re: Unqualified Postings v0rt (Nov 02)
- <Possible follow-ups>
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)
- Re: Amanda multiple vendor local root compromises Alexandre Oliva (Nov 02)