[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

Native19 native19 at gmail.com
Wed Mar 23 21:38:25 EDT 2011


i got to agree with albert i suggest discussing something more web
related like this

http://jeremiahgrossman.blogspot.com/2011/02/top-ten-web-hacking-techniques-of-2011.html

thanks
native19

On Thu, Mar 24, 2011 at 9:34 AM, Albert Siow <albert_siow at yahoo.com> wrote:
> Guy,
>  This has been widely discussed in SecurityFocus forum, it won't be necessary to discuss here. Further more, this is NOT a Web Security Issue!
>
>
> --- On Thu, 3/24/11, najmi.zabidi at gmail.com <najmi.zabidi at gmail.com> wrote:
>
>> From: najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
>> Subject: [Owasp-Malaysia] How do you disclose vulnerabilities ethically?
>> To: "owasp-malaysia" <owasp-malaysia at lists.owasp.org>
>> Date: Thursday, March 24, 2011, 8:57 AM
>> Hi,
>>
>> This is recent SCADA vulnerabilities publicly disclosed
>>
>> Full-disclosure advisories and proof-of-concepts:
>>
>> http://seclists.org/bugtraq/2011/Mar/187
>>
>>
>> If you track down the thread, the emails later "discuss" on
>> public
>> disclosure without vendor being notified beforehand.
>>
>> De Raadt reponse:
>> http://seclists.org/bugtraq/2011/Mar/236
>>
>>
>> But I keep wonder why SCADA has to be connected through
>> Internet? Does
>> "Die Hard 4" not teach you anything?
>>
>>
>>
>>
>>
>> --
>> Join #ISOC [Internet Society] today and create connections
>> with
>> Internet Users around the world!
>>
>> Simplified Link: http://goo.gl/xmG90
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.my
>>
>> OWASP Malaysia Facebook
>> http://www.facebook.com/OWASP.Malaysia
>>
>> OWASP Malaysia Twitter #owaspmy
>> http://www.twitter.com/owaspmy
>>
>
>
>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
>


More information about the Owasp-Malaysia mailing list