Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

HP Full Disclosure Story

From: full-disclosure () lists netsys com (Georgi Guninski)
Date: Fri, 23 Aug 2002 20:24:03 +0300
This clearly illustrates why the responsibility RFC is a really evil thing.

They are using funny arguments, but consider what threats they shall make if 
they have a RFC at hand.

Georgi Guninski
http://www.guninski.com

Tamer Sahin wrote:

Hello Folks, 
 
In January, have found a security hole in HP AdvanceStack switches. This 
vulnerability affected 8 different swicth models. There had been an 
interesting mail traffic between HP Security Response Team and me. I compiled 
it from my mail archive lastly and I thought that it would take your 
attention. 
 
Best Regards; 
 
Tamer Sahin 
http://www.securityoffice.net


------------------------------------------------------------------------

********************************************************************************************
I a sending my first security anouncement to security-alert () hp com and i am specifying
that in at least 4 days, if there is no response, i will publish this vulnerebility without
any patch. (this time is like a law that is not ruled. in "vulnerability disclosure" procedure)
********************************************************************************************
Previous By Date Next
Previous By Thread Next

Current thread: