I didn't post it to bugtraq, anyways they would hide the advisory until a fix were ready, this is a common practice in some SecurityFocus mailing lists. I won't post anymore advisories to SecurityFocus mailing lists, they use to not aprove my posts so f*ck them. One time they ask me to give them some bug details and post it to bugtraq and i didn't accept, then when i wanted to post the bug advisory they didn't aprove my post. Also SecurityFocus is a Symantec company and Symantec is member of oisafety group so in future bugtraq will be full of old news if Symantec will lead by example about the 30-day grace period and all that ... It took me 1 minute to find the bug, i wonder if Symatec is a security company they should be more serious, shouldn't they?.
Cesar. --- Georgi Guninski <[EMAIL PROTECTED]> wrote: > Cesar wrote: > > Vendor Status : > > > > I really sorry Symantec i forgot about the 30-day > > grace period (see "Security Vulnerability > Reporting > > and Response Process", > > http://www.oisafety.org/process.html), also i > forgot > > to report it :) > > This is really funny Symantec try to protect users > and > > they intruduce dangerous ActiveX controls in users > > computers. I think that maybe this control should > be > > inroduced in Norton virus list :). I wonder if > this > > advisory will be on Security Focus news or > > vulnerability database. > > > > > > Did you post this to bugtraq, can't see it there? > > There is funny self promoting msg on bugtraq from > symantec regarding this bug. > > georgi > __________________________________ Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month! http://sbc.yahoo.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
