Full Disclosure mailing list archives
Re[4]: Correction to latest Colsaire advisories
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Tue, 14 Sep 2004 19:24:22 +0400
Dear advisories, --Tuesday, September 14, 2004, 6:24:09 PM, you wrote to full-disclosure () lists netsys com: a> Did you try Google? ;) a> http://www.uniras.gov.uk/vuls/2004/380375/mime.htm I saw this link in your advisory. For this case I teach my students to use information already gathered. Only vulnerable product listed is ripMIME. ripMIME team always replies to this kind of incidents and provides really good solution (better than recommended one, BTW). a> Admitedly it is a bit thin at the moment (and many names are conspicous by a> their absense). This should improve as more vendors provide a statement.
Of cause, poor, busy and tired 3APA3A can not do it alone.
a> You never had to; NISCC, CERT/CC? I did with CERT. It looks like for last 2-3 years CERT does not responds to individual researchers. BTW: there is no more CERT/CC. Now it's CERT-US.
How this information helps vendors to secure their products?
a> Any vendors (who have not already been involved so far) who wish to get more a> detail are encouraged to contact the NISCC team and request a copy of the a> test suite. -- ~/ZARAZA Ñýð Èñààê Íüþòîí îòêðûë, ÷òî ÿáëîêè ïàäàþò íà çåìëþ. (Òâåí) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Correction to latest Colsaire advisories 3APA3A (Sep 13)
- Re: Correction to latest Colsaire advisories Andreas Marx (Sep 15)
- <Possible follow-ups>
- Re: Correction to latest Colsaire advisories advisories (Sep 14)
- Re[2]: Correction to latest Colsaire advisories 3APA3A (Sep 14)
- Re[3]: Correction to latest Colsaire advisories advisories (Sep 14)
- Re[4]: Correction to latest Colsaire advisories 3APA3A (Sep 14)