[VIM] Re: Secunia published adviso without respectingrelease date ! (fwd)

security curmudgeon jericho at attrition.org
Wed Jul 13 18:10:08 EDT 2005

: > Interesting. His /adviso/ folder is public I take it, and previous
: > advisories were disclosed there. Seems like it is fair game if there are
: > no restrictions put in place to stop people from accessing the content.
: Agreed.  If vuln DB's are going to be complete, they're going to monitor 
: these kinds of things anyway.  How could Secunia or any other 
: organization know when it's been really "published" or not?  If it's on 
: a public site then that's that.
: On a side note... so THAT'S where Secunia got the Romang advisories that 
: I couldn't find anywhere else!  I had to create some CAN's with only the 
: Secunia advisory as a reference, but I like to point to the original 
: researcher advisory whenever possible.

Likewise! They still manage to dig up some stuff that I can't find 
reference to anywhere else. I have a feeling they keep a comprehensive 
list of these types of URLs to check. OSVDB does too, but I just don't 
have time to check them near as frequently as i'd like.

More information about the VIM mailing list