[VIM] Secunia has now put ALL vulnerability info behind login?

Kurt Seifried kseifried at redhat.com
Fri Aug 22 11:35:17 CDT 2014 

Can you post information this to oss-security, this definitely impacts
the open source community. Thanks.

On 22/08/14 10:29 AM, Williams, James K wrote:
> FYI, Secunia has clarified what they mean by “commercial use” in a revised EULA.  In short, only “students, the press (if the use is for media coverage), private persons and hobby researchers” can use/view/access Secunia vulnerability data.
> Non-profit organizations, private companies, and public authorities and entities are NOT allowed to access or use any Secunia data, for any reason.
> 
> The revised EULA can be found here:  http://secunia.com/community/profile/ under the “Create Profile” tab.
> 
> Regards,
> Ken
> 
> From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of Scott Moore
> Sent: Monday, April 28, 2014 11:18 AM
> To: Vulnerability Information Managers
> Cc: vim-bounces at attrition.org
> Subject: Re: [VIM] Secunia has now put ALL vulnerability info behind login?
> 
> 
> I wonder what constitutes commercial purposes?
> 
> We reference them with a link to their website, and do not sell our vulnerability data.
> 
> Thanks.
> 
> -----
> Scott Moore
> Vulnerability Database - Team Lead
> X-Force Research and Development
> IBM Security Systems
> Office: 404-348-9288
> Cell: 404-643-1260
> 
> [Inactive hide details for "Williams, James K" ---04/28/2014 12:15:01 PM---FYI, it appears that Secunia just put all vulnerabili]"Williams, James K" ---04/28/2014 12:15:01 PM---FYI, it appears that Secunia just put all vulnerability content behind a login.  Additionally, the w
> 
> From: "Williams, James K" <Ken.Williams at ca.com<mailto:Ken.Williams at ca.com>>
> To: "vim at attrition.org<mailto:vim at attrition.org>" <vim at attrition.org<mailto:vim at attrition.org>>,
> Date: 04/28/2014 12:15 PM
> Subject: [VIM] Secunia has now put ALL vulnerability info behind login?
> Sent by: vim-bounces at attrition.org<mailto:vim-bounces at attrition.org>
> 
> ________________________________
> 
> 
> 
> FYI, it appears that Secunia just put all vulnerability content behind a login.  Additionally, the website states that the vuln info cannot be used for commercial purposes.
> 
> Regards,
> Ken Williams
> Director, Product Vulnerability Response Team
> 

-- 
Kurt Seifried -- Red Hat -- Product Security -- Cloud
PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.attrition.org/pipermail/vim/attachments/20140822/6d623696/attachment.asc>

More information about the VIM mailing list