Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include

To:	Gadi Evron <ge@linuxbox.org>
Subject:	Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
From:	Stefano Zanero <s.zanero@securenetwork.it>
Date:	Mon, 29 Jan 2007 20:46:53 +0100
Cc:	trzindan@hotmail.fr, bugtraq@securityfocus.com
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	bugtraq-list@securepoint.com
Delivered-to:	mailing list bugtraq@securityfocus.com
Delivered-to:	moderator for bugtraq@securityfocus.com
In-reply-to:	<Pine.LNX.4.21.0701291259320.14925-100000@linuxbox.org>
List-help:	<mailto:bugtraq-help@securityfocus.com>
List-id:	<bugtraq.list-id.securityfocus.com>
List-post:	<mailto:bugtraq@securityfocus.com>
List-subscribe:	<mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe:	<mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list:	contact bugtraq-help@securityfocus.com; run by ezmlm
Organization:	Secure Network S.r.l.
References:	<Pine.LNX.4.21.0701291259320.14925-100000@linuxbox.org>
User-agent:	Thunderbird 1.5.0.9 (X11/20061223)

Gadi Evron wrote:
> How can we all automate the testing process for fake vulns in and list
> them as such without overburdening OSVDB, CVE, Milworm and SecuriTeam?

I suggest to ask for a pointer to the single source file where the
vulnerability exists, a pointer to the archive of the correct version of
the application, and a clear description of the vuln, or otherwise
reject the posting altogether.

This would at least add a filter... and make our life easier when
cross-checking.

Stefano

<Prev in Thread]	Current Thread	[Next in Thread>
local Calendar System v1.1 (lcStdLib.inc) Remote File Include, trzindan Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Stefano Zanero <= Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Simple Nomad Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron

Previous by Date:	Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects, Chris Travers
Next by Date:	[ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities, Matthias Geerdsen
Previous by Thread:	Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Gadi Evron
Next by Thread:	Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include, Simple Nomad
Indexes:	[Date] [Thread] [Top] [All Lists]