[VIM] Bogus RFI Reports Getting Out of Hand

Steven M. Christey coley at linus.mitre.org
Mon Jan 8 14:01:22 EST 2007

On Mon, 8 Jan 2007 bugtraq at cgisecurity.net wrote:

> Maybe you should draft up a top ten bogus vuln finders article and post
> it to the lists :) It would be interesting to see statistics regarding
> if the 'disclosure' knew it was fake, or if they thought it was real.

I've been thinking this same thing, myself, perhaps (to jump on a
bandwagon) as part of a Month of Vulnerability Information Errors (MOVIE)

Things are definitely getting out of hand.  And even if Bugtraq tries to
filter out reports from frequently erroneous researchers, they would go to
full-disclosure and we'd still have to deal with it.

- Steve

More information about the VIM mailing list