[38583] in bugtraq
Re: [Full-disclosure] [VulnDiscuss] Re: -==phpBB 2.0.14 Multiple
daemon@ATHENA.MIT.EDU (Dave Aitel)
Mon Apr 25 16:49:11 2005
Message-ID: <426BD5FD.7090507@immunitysec.com>
Date: Sun, 24 Apr 2005 13:23:09 -0400
From: Dave Aitel <dave@immunitysec.com>
MIME-Version: 1.0
To: Paul Laudanski <zx@castlecops.com>
Cc: link@lists.grok.org.uk, full-disclosure@lists.grok.org.uk,
bugtraq@securityfocus.com, vulndiscuss@vulnwatch.org
In-Reply-To: <000001c5485c$6544b580$7d00a8c0@DesertComputerLLC.local>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Paul Laudanski wrote:
>>Risk: Low Risk!!
>>Impact: Multiple Vulnerabilities.
>>
>> -==phpBB 2.0.14 Multiple Vulnerabilities==-
>>
>>
>
>Unsure if its me, but I didn't see a vendor notification here? Might be
>because I'm so happy being a proud new dad, but, I thought proper
>disclosure etiquette involved vendor notification and time to test
>properly, and waiting for a patch to be released?
>
>Whatever happened to that?
>
>
>
Nothing happened to that - it was never true. Those of us who find bugs
would really appreciate it if every Microsoft MVP would stop
astroturfing these lists about it too.
Thanks,
Dave Aitel
Immunity, Inc.
