Bugtraq mailing list archives
Re: Submission
From: Georgi Guninski <guninski () GUNINSKI COM>
Date: Wed, 29 Nov 2000 18:52:08 +0200
hellnbak () HUSHMAIL COM wrote:
Thanks for your reply Georgi. develop a fix. I remember a post a while back from you that said, "Why should I help the vendor". My question to you is, why not help the vendor? You said yourself, that they have to get their acts together why not assist in that process like the rest of us are?
I don't remember writing anywhere "Why should I help the vendor" - could you give an URL where it is written - it very easy writing "lame shit" as you define it anonymously. In fact I am helping both vendors and users. I do free research for vendors and I give workarounds (which sometimes are better than patches that open other vulnerabilities). I have given all vendors enough time to warn their client about a workaround until a patch is available. Do you find it normal a vulnerability to exist for 4 months and the vendor not to warn their customers there is a vulnerability which is stopped by a simple workaround? I have reported vulnerabilities and go public without a patch about Microsoft, IBM, Netscape and SUN. Only one of them complained about not having enough time to fix the vulnerabilities - some of the other vendors gave me awards despite the fact I went public without a patch. Georgi Guninski
Current thread:
- Submission hellnbak (Nov 28)
- Re: Submission Ryan Russell (Nov 29)
- Re: Submission Georgi Guninski (Nov 29)
- Re: Submission Geo. (Nov 29)
- Re: Submission Gunther Birznieks (Nov 30)
- <Possible follow-ups>
- Re: Submission hellnbak (Nov 29)
- Re: Submission Georgi Guninski (Nov 30)
- Re: Submission Robert G. Ferrell (Nov 29)
- Re: Submission Scott Blake (Nov 30)
- Re: Submission aarhus (Nov 29)
- Re: Submission Rune Kristian Viken (Nov 30)
- Re: Submission Geoffrey Moon (Nov 30)
- Re: submission rain forest puppy (Nov 30)
- Re: Submission Elias Levy (Nov 30)