[Owasp-Malaysia] How do you disclose vulnerabilities ethically?

najmi.zabidi at gmail.com najmi.zabidi at gmail.com
Wed Mar 23 22:02:12 EDT 2011


i need to enroll some psychological disorder group.
can't resist to post.

maybe i should unsubscribe, can't resist the temptation to post unrelated topic.

yeah, got blog too.
but don't feel like i want to share.



On 3/24/11, Native19 <native19 at gmail.com> wrote:
> haha najmi chill out come on be positive lar we just helping to make
> sure the chapter has better content so that everyone has a gain from
> it..i suggest putting up your own blog..i'll be a frequent reader cos
> there is always interesting content from you :)
>
> On Thu, Mar 24, 2011 at 9:42 AM, najmi.zabidi at gmail.com
> <najmi.zabidi at gmail.com> wrote:
>> All right, will be dead silent.
>> OWASP isn't my thing. SORRY!
>>
>>
>>
>> On Thu, Mar 24, 2011 at 9:38 AM, Native19 <native19 at gmail.com> wrote:
>>> i got to agree with albert i suggest discussing something more web
>>> related like this
>>>
>>> http://jeremiahgrossman.blogspot.com/2011/02/top-ten-web-hacking-techniques-of-2011.html
>>>
>>> thanks
>>> native19
>>>
>>> On Thu, Mar 24, 2011 at 9:34 AM, Albert Siow <albert_siow at yahoo.com>
>>> wrote:
>>>> Guy,
>>>>  This has been widely discussed in SecurityFocus forum, it won't be
>>>> necessary to discuss here. Further more, this is NOT a Web Security
>>>> Issue!
>>>>
>>>>
>>>> --- On Thu, 3/24/11, najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
>>>> wrote:
>>>>
>>>>> From: najmi.zabidi at gmail.com <najmi.zabidi at gmail.com>
>>>>> Subject: [Owasp-Malaysia] How do you disclose vulnerabilities
>>>>> ethically?
>>>>> To: "owasp-malaysia" <owasp-malaysia at lists.owasp.org>
>>>>> Date: Thursday, March 24, 2011, 8:57 AM
>>>>> Hi,
>>>>>
>>>>> This is recent SCADA vulnerabilities publicly disclosed
>>>>>
>>>>> Full-disclosure advisories and proof-of-concepts:
>>>>>
>>>>> http://seclists.org/bugtraq/2011/Mar/187
>>>>>
>>>>>
>>>>> If you track down the thread, the emails later "discuss" on
>>>>> public
>>>>> disclosure without vendor being notified beforehand.
>>>>>
>>>>> De Raadt reponse:
>>>>> http://seclists.org/bugtraq/2011/Mar/236
>>>>>
>>>>>
>>>>> But I keep wonder why SCADA has to be connected through
>>>>> Internet? Does
>>>>> "Die Hard 4" not teach you anything?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Join #ISOC [Internet Society] today and create connections
>>>>> with
>>>>> Internet Users around the world!
>>>>>
>>>>> Simplified Link: http://goo.gl/xmG90
>>>>> _______________________________________________
>>>>> Owasp-Malaysia mailing list
>>>>> Owasp-Malaysia at lists.owasp.org
>>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>>>
>>>>> OWASP Malaysia Wiki
>>>>> http://www.owasp.my
>>>>>
>>>>> OWASP Malaysia Facebook
>>>>> http://www.facebook.com/OWASP.Malaysia
>>>>>
>>>>> OWASP Malaysia Twitter #owaspmy
>>>>> http://www.twitter.com/owaspmy
>>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> Owasp-Malaysia mailing list
>>>> Owasp-Malaysia at lists.owasp.org
>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>>
>>>> OWASP Malaysia Wiki
>>>> http://www.owasp.my
>>>>
>>>> OWASP Malaysia Facebook
>>>> http://www.facebook.com/OWASP.Malaysia
>>>>
>>>> OWASP Malaysia Twitter #owaspmy
>>>> http://www.twitter.com/owaspmy
>>>>
>>> _______________________________________________
>>> Owasp-Malaysia mailing list
>>> Owasp-Malaysia at lists.owasp.org
>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>>
>>> OWASP Malaysia Wiki
>>> http://www.owasp.my
>>>
>>> OWASP Malaysia Facebook
>>> http://www.facebook.com/OWASP.Malaysia
>>>
>>> OWASP Malaysia Twitter #owaspmy
>>> http://www.twitter.com/owaspmy
>>>
>>
>>
>>
>> --
>> Join #ISOC [Internet Society] today and create connections with
>> Internet Users around the world!
>>
>> Simplified Link: http://goo.gl/xmG90
>> _______________________________________________
>> Owasp-Malaysia mailing list
>> Owasp-Malaysia at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>>
>> OWASP Malaysia Wiki
>> http://www.owasp.my
>>
>> OWASP Malaysia Facebook
>> http://www.facebook.com/OWASP.Malaysia
>>
>> OWASP Malaysia Twitter #owaspmy
>> http://www.twitter.com/owaspmy
>>
> _______________________________________________
> Owasp-Malaysia mailing list
> Owasp-Malaysia at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> OWASP Malaysia Wiki
> http://www.owasp.my
>
> OWASP Malaysia Facebook
> http://www.facebook.com/OWASP.Malaysia
>
> OWASP Malaysia Twitter #owaspmy
> http://www.twitter.com/owaspmy
>


-- 
Join #ISOC [Internet Society] today and create connections with Internet
Users around the world!

Simplified Link: http://goo.gl/xmG90


More information about the Owasp-Malaysia mailing list