[2151] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: CERT Alert on new sendmail bug - any info?

daemon@ATHENA.MIT.EDU (Larry Kealey)
Tue Aug 22 09:53:35 1995

Date:         Tue, 22 Aug 1995 07:56:00 -0500
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Larry Kealey <kealeyl@Phibro.COM>
X-To:         Bugtraq List <BUGTRAQ@CRIMELAB.COM>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>

on Aug 21, Karl Strickland Wrote:
>After several lengthy discussions explaining the vulnerability to SUN
>(mostly to convince them that a problem actually existed), we promised
>them we would not release any exploit info until their patch was
>available (in this instance).

To him I respond:

First, Karl, This is a FULL DISCLOSURE List, secondly, as I recall my
advisory - SUN is not the only vendor OS affected. You want to make
agreements with SUN not to disclose THIER vulnerabilities until they make
a patch - fine - don't post to BUGTRAQ.

L Kealey


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2151] in bugtraq

Re: CERT Alert on new sendmail bug - any info?

daemon@ATHENA.MIT.EDU (Larry Kealey)Tue Aug 22 09:53:35 1995

daemon@ATHENA.MIT.EDU (Larry Kealey)
Tue Aug 22 09:53:35 1995