[VIM] Dana Epp on responsible disclosure and VDB's
Stuart Moore
smoore at securityglobal.net
Tue Aug 23 17:55:59 EDT 2005
Ah, the view from the comfort of your own blog!
Stuart
Steven M. Christey wrote:
> A recent blog entry by Dana Epp calls SecurityFocus to task for
> publishing a BID on a third party researcher's report of a buffer
> overflow that had not been coordinated with the vendor:
>
> Please act more responsibly "AT ma CA". And you too Symantec (the
> owners of Security Focus). You aren't helping the industry when you
> do this. You hurt it.
>
> http://silverstr.ufies.org/blog/archives/000849.html
>
>
> Given the growing frequency of these kinds of complaints, it feels
> like vuln DB's are going to be visibly targeted one of these days.
>
> - Steve
>
More information about the VIM
mailing list