Full Disclosure mailing list archives
Re: Fw: Earth to Facebook
From: "Thor (Hammer of God)" <thor () hammerofgod com>
Date: Sun, 18 Mar 2012 21:24:07 +0000
Why not just provide them with the contact and they can forward it on directly? Then you could obviate the entire trust issue... t From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of upsploit advisories Sent: Sunday, March 18, 2012 1:56 PM To: Michal Zalewski Cc: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Fw: Earth to Facebook The only other people that see the vulnerability are the select few in upSploit. However if the vendor is already in the upSploit database the advisory gets submitted straight away to the vendor. If you want to try it out there should be an upSploit vendor in the vendor list. Submit some advisories there. There is no ploy - like anything it is about trust. I created the service because when I first started I found it hard to find contacts sometimes. Use it if you want, don't if you don't. Simple as that really! Use it once for something you may not care about to much and see how it works for you. Thanks, On 18 March 2012 20:22, Michal Zalewski <lcamtuf () coredump cx<mailto:lcamtuf () coredump cx>> wrote:
Without meaning to advertise, that is one of the reasons upSploit was created - so that you could submit a vulnerability and then upSploit automatically sends to the vendor. This way you and your friend don't have to do any of the work on the disclosure.
I clicked around and don't see any obvious explanation; other than the reporter and the vendor, who else gets to see the submissions and under what circumstances? /mz
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Earth to Facebook J. Oquendo (Mar 15)
- Re: Earth to Facebook crazy frog crazy frog (Mar 18)
- Re: Earth to Facebook Ferenc Kovacs (Mar 18)
- Re: Earth to Facebook Jeffrey Walton (Mar 18)
- Re: Earth to Facebook Zach C. (Mar 18)
- Re: Earth to Facebook Jeffrey Walton (Mar 18)
- <Possible follow-ups>
- Re: Fw: Earth to Facebook upsploit advisories (Mar 18)
- Re: Fw: Earth to Facebook Michal Zalewski (Mar 18)
- Re: Fw: Earth to Facebook upsploit advisories (Mar 18)
- Re: Fw: Earth to Facebook Thor (Hammer of God) (Mar 18)
- Re: Fw: Earth to Facebook upsploit advisories (Mar 18)
- Re: Fw: Earth to Facebook Michal Zalewski (Mar 19)
- Re: Fw: Earth to Facebook Michal Zalewski (Mar 18)