Full Disclosure mailing list archives
HP Full Disclosure Story
From: full-disclosure () lists netsys com (Steve Manzuik)
Date: Fri, 23 Aug 2002 11:21:14 -0600
How can you argue that? If there was a standard disclosure procedure that the majority of researchers and vendors agreed to something like this would either a.) never happen or b.) get thrown out of court in a massive PR nightmare for the vendor invovled. Right now, with no formal process that vendors in general adhere to HP can make a case of it. If a process was in place we would have real world precedence and a proven best practice -- meaning HP would lose in court and the door for EVERYONE to start suing vendors would start to open. -----Original Message----- From: Georgi Guninski [mailto:guninski () guninski com] Sent: Fri 8/23/2002 11:24 AM To: full-disclosure () lists netsys com Cc: Subject: Re: [Full-disclosure] HP Full Disclosure Story This clearly illustrates why the responsibility RFC is a really evil thing. They are using funny arguments, but consider what threats they shall make if they have a RFC at hand. Georgi Guninski http://www.guninski.com Tamer Sahin wrote: > Hello Folks, > > In January, have found a security hole in HP AdvanceStack switches. This > vulnerability affected 8 different swicth models. There had been an > interesting mail traffic between HP Security Response Team and me. I compiled > it from my mail archive lastly and I thought that it would take your > attention. > > Best Regards; > > Tamer Sahin > http://www.securityoffice.net
Current thread:
- HP Full Disclosure Story Tamer Sahin (Aug 23)
- HP Full Disclosure Story full-disclosure () lists netsys com (Aug 23)
- HP Full Disclosure Story KF (Aug 23)
- HP Full Disclosure Story hellNbak (Aug 23)
- HP Full Disclosure Story Georgi Guninski (Aug 23)
- <Possible follow-ups>
- HP Full Disclosure Story Steve Manzuik (Aug 23)
- Re: HP Full Disclosure Story Steven M. Christey (Aug 23)
- Re: HP Full Disclosure Story KF (Aug 23)
- Re: HP Full Disclosure Story Georgi Guninski (Aug 24)
- Re: HP Full Disclosure Story Kurt Weiske (Aug 24)
- Re: HP Full Disclosure Story Isaak Bloodlore (Aug 24)
- Re: HP Full Disclosure Story hellNbak (Aug 24)
- Re: HP Full Disclosure Story Charles Stevenson (Aug 26)
- Re: HP Full Disclosure Story KF (Aug 26)
- Re: HP Full Disclosure Story KF (Aug 26)
- Re: HP Full Disclosure Story Anthony DeRobertis (Aug 25)