[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

najmi.zabidi at gmail.com najmi.zabidi at gmail.com
Wed Mar 23 20:57:58 EDT 2011


This is recent SCADA vulnerabilities publicly disclosed

Full-disclosure advisories and proof-of-concepts:


If you track down the thread, the emails later "discuss" on public
disclosure without vendor being notified beforehand.

De Raadt reponse:

But I keep wonder why SCADA has to be connected through Internet? Does
"Die Hard 4" not teach you anything?

Join #ISOC [Internet Society] today and create connections with
Internet Users around the world!

Simplified Link: http://goo.gl/xmG90

More information about the Owasp-Malaysia mailing list