[VIM] Re: Secunia published adviso without respectingrelease
date ! (fwd)
Steven M. Christey
coley at linus.mitre.org
Wed Jul 13 18:06:39 EDT 2005
On Wed, 13 Jul 2005, security curmudgeon wrote:
> Interesting. His /adviso/ folder is public I take it, and previous
> advisories were disclosed there. Seems like it is fair game if there are
> no restrictions put in place to stop people from accessing the content.
Agreed. If vuln DB's are going to be complete, they're going to monitor
these kinds of things anyway. How could Secunia or any other organization
know when it's been really "published" or not? If it's on a public site
then that's that.
On a side note... so THAT'S where Secunia got the Romang advisories that I
couldn't find anywhere else! I had to create some CAN's with only the
Secunia advisory as a reference, but I like to point to the original
researcher advisory whenever possible.
More information about the VIM