[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

najmi.zabidi at gmail.com najmi.zabidi at gmail.com
Wed Mar 23 21:42:47 EDT 2011


All right, will be dead silent.
OWASP isn't my thing. SORRY!



On Thu, Mar 24, 2011 at 9:38 AM, Native19 <native19 at gmail.com> wrote:
> i got to agree with albert i suggest discussing something more web
> related like this
>
> http://jeremiahgrossman.blogspot.com/2011/02/top-ten-web-hacking-techniques-of-2011.html
>
> thanks
> native19
>
> On Thu, Mar 24, 2011 at 9:34 AM, Albert Siow <albert_siow at yahoo.com> wrote:
>> Guy,
>>  This has been widely discussed in SecurityFocus forum, it won't be necessary to discuss here. Further more, this is NOT a Web Security Issue!
>>
>>
>> --- On Thu, 3/24/11, najmi.zabidi at gmail.com <najmi.zabidi at gmail.com> wrote:
>>
>>> From: najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
>>> Subject: [Owasp-Malaysia] How do you disclose vulnerabilities ethically?
>>> To: "owasp-malaysia" <owasp-malaysia at lists.owasp.org>
>>> Date: Thursday, March 24, 2011, 8:57 AM
>>> Hi,
>>>
>>> This is recent SCADA vulnerabilities publicly disclosed
>>>
>>> Full-disclosure advisories and proof-of-concepts:
>>>
>>> http://seclists.org/bugtraq/2011/Mar/187
>>>
>>>
>>> If you track down the thread, the emails later "discuss" on
>>> public
>>> disclosure without vendor being notified beforehand.
>>>
>>> De Raadt reponse:
>>> http://seclists.org/bugtraq/2011/Mar/236
>>>
>>>
>>> But I keep wonder why SCADA has to be connected through
>>> Internet? Does
>>> "Die Hard 4" not teach you anything?
>>>
>>>
>>>
>>>
>>>
>>> --
>>> Join #ISOC [Internet Society] today and create connections
>>> with
>>> Internet Users around the world!
>>>
>>> Simplified Link: http://goo.gl/xmG90
>>> _______________________________________________
>>> Owasp-Malaysia mailing list
>>> Owasp-Malaysia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>
>>> OWASP Malaysia Wiki
>>> http://www.owasp.my
>>>
>>> OWASP Malaysia Facebook
>>> http://www.facebook.com/OWASP.Malaysia
>>>
>>> OWASP Malaysia Twitter #owaspmy
>>> http://www.twitter.com/owaspmy
>>>
>>
>>
>>
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.my
>>
>> OWASP Malaysia Facebook
>> http://www.facebook.com/OWASP.Malaysia
>>
>> OWASP Malaysia Twitter #owaspmy
>> http://www.twitter.com/owaspmy
>>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
>



-- 
Join #ISOC [Internet Society] today and create connections with
Internet Users around the world!

Simplified Link: http://goo.gl/xmG90


More information about the Owasp-Malaysia mailing list