[VIM] betaparticle disclosure drama?

George A. Theall theall at tenablesecurity.com
Tue Mar 21 08:02:19 EST 2006


security curmudgeon wrote:

> http://blog.betaparticle.com/template_permalink.asp?id=102
> 
> Here's the exploit details but I don't really understand how an
> "advisory site" with only one exploit listed, could've heard about this
> only minutes after the hacks occurred.  Hmmm...it looks like they're the
> ones who did the hacking but I'll reserve judgment until this simple
> coincidence is explained to me.  Where did they get the info for this
> hack?  Was it sent to them or did they write it?

Looks like the blog author "missed" the fact that nukedx.com site
belongs to the same person who submitted the original advisory. This
seems odd, though, given that nukedx claims to have notified the vendor.
Did he/she just fail to make the connection?

I'm also mildly curious about the phrase "after the hacks occurred".
Does this mean sites were actually hacked? Or is he/she equating the
term hacking with research?

George


More information about the VIM mailing list