Full Disclosure mailing list archives
[kbelanger () logicon ca: [VulnWatch] vuln in login under solaris]
From: len () netsys com (Len Rose)
Date: Thu, 5 Sep 2002 20:41:54 -0400
This isn't a known issue. There is no such bug. This is about fake advisories being approved by moderators. If the only value of moderation is to weed out "other stuff" then the delays that vuln-watch incurs rather frequently aren't worth the cost overhead in time. Referring back to the technical merits of that advisory in particular, something this blatant is readily checked in 5 minutes. Sun would never have something of this nature so badly broken. This is in fact, /bin/login and the bulk of that code is probably older than most people around today. A fake advisory of this nature tends to devalue the overall reliabiliy of a list's information especially if it's moderated. Len On Thu, Sep 05, 2002 at 05:59:09PM -0600, Steve wrote:
Len, Yes, the list is moderated as in we only approve messages that are actual vulnerability announcements and not "other stuff" (for other stuff see; http://lists.netsys.com/pipermail/full-disclosure/). It is not the jobs of the moderators to take the time and verify each vuln report as it will slow down the flow of the list and the moderators are only human and can make mistakes just like everyone else. It has also been discussed on VulnDiscuss that this isn't really a vulnerability in the first place and is a known "issue"/limitation. This in my opinion is the whole point of the discussion list - to weed out the crap in a public forum -- almost like peer review. Regards; Steve Manzuik Moderator - VulnWatch Moderator - VulnDiscuss www.vulnwatch.org
[snipped]
Current thread:
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] Len Rose (Sep 05)
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] Steve (Sep 05)
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] Len Rose (Sep 05)
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] hellNbak (Sep 05)
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] Len Rose (Sep 05)
- [kbelanger () logicon ca: [VulnWatch] vuln in login under solaris] Steve (Sep 05)