[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-disclosure] Questions about reporting a vulnerability
- To: full-disclosure@xxxxxxxxxxxxxxxxx
- Subject: [Full-disclosure] Questions about reporting a vulnerability
- From: "xyberpix" <xyberpix@xxxxxxxxxxxx>
- Date: Fri, 29 Apr 2005 10:54:13 +0100 (BST)
Hey All,
Couple of questions on reporting vulnerabilities:
1) Is there a damn template somewhere that can be used, as I'm pretty sure
there was at one point, and I can't seem to find it? If so, could someone
please let me know where this is located?
2) Is it worth sending something out like a cookie storing usernames and
passwords in clear text for a major vendor's piece of software?
3) What's the correct procedure to go through reporting a vulnerability?
If all of these questions can be answered with one simple link, can
someone please paste it, as I really need to know this info soon.
TIA
xyberpix
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/