[VIM] Re: Secunia published adviso without respectingrelease
date ! (fwd)
security curmudgeon
jericho at attrition.org
Wed Jul 13 18:10:08 EDT 2005
: > Interesting. His /adviso/ folder is public I take it, and previous
: > advisories were disclosed there. Seems like it is fair game if there are
: > no restrictions put in place to stop people from accessing the content.
:
: Agreed. If vuln DB's are going to be complete, they're going to monitor
: these kinds of things anyway. How could Secunia or any other
: organization know when it's been really "published" or not? If it's on
: a public site then that's that.
:
: On a side note... so THAT'S where Secunia got the Romang advisories that
: I couldn't find anywhere else! I had to create some CAN's with only the
: Secunia advisory as a reference, but I like to point to the original
: researcher advisory whenever possible.
Likewise! They still manage to dig up some stuff that I can't find
reference to anywhere else. I have a feeling they keep a comprehensive
list of these types of URLs to check. OSVDB does too, but I just don't
have time to check them near as frequently as i'd like.
More information about the VIM
mailing list