[OWASP-South Africa] OWASP-SouthAfrica Digest, Vol 14, Issue 2

Haroon Meer haroon at thinkst.com
Mon Jan 31 15:23:47 EST 2011


Hi

On Mon, Jan 31, 2011 at 9:26 PM, Dash Shendy <admin at dash.za.net> wrote:
> Bug first discovered circa ~2008
> Institution alerted officially July 2010 (Security Analyst working for institution was alerted personally)
> More N More People Were Told About The Bug July-Oct
> Bug was fixed in Oct 2010

Quick nit-pick..

Adding the date you discovered the bug (but didn't report it yet)
skews the time-line without being fair to the institution in question.
Essentially (using your timeline) you are looking at between 2 & 4
months (depending on the monthly extremes), which sounds very
different to 2008-2010 :>

/mh


--
Haroon Meer        http://thinkst.com/
Tel: +27 83 786 6637    PGP: http://thinkst.com/pgp/haroon.txt


More information about the OWASP-SouthAfrica mailing list