|
|
 |
| New User, Welcome! Login |
Re: Vulnerabilities in some SCADA server softwares
| From: |
Luigi Auriemma <aluigi autistici org> |
| To: |
"J Oquendo" <sil infiltrated net> |
| Cc: |
bugtraq securityfocus com |
| Subject: |
Re: Vulnerabilities in some SCADA server softwares |
| Date: |
Mon - Mar 21, 2011 01:31 PM |
> At what point in time did you try contacting any of the vendors for
> these issues?
the vendors of the affected softwares have not been contacted.
> How do you propose a manufacturer fix an issue?
in the security field a public vulnerability is a dead vulnerability,
anyone who has found and released at least one security bug in his life
knows it and knows to what I refer.
90% of the job of fixing a bug is just finding it first, I have even
showed the details, the causes and the ways to replicate them.
> Where in any of your advisories did you take the time to let a company
> know: "hey you guys have some potential issues, here they are!!!"
I have done it in the exact moment that I have uploaded my advisories on
my website making anyone aware of the problems, included the same
vendors that now can fix them.
---
Luigi Auriemma
http://aluigi.org
|
|
|
Copyright © 1995-2012 LinuxRocket.net. All rights reserved.
Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!
