[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Sendmail: If you haven't patched it yet..
- Subject: Re: [cobalt-security] Sendmail: If you haven't patched it yet..
- From: paul jacobs <paul@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 05 Mar 2003 10:06:36 -0800
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
At 10:02 AM 3/5/2003, you wrote:
> I do believe that you should give a company notice of a security problem
> with there software 1 month before releasing how to access the security
> problem..
> Then if it is not fixed by the company they are liable, if fixed by the
> company and, not the user the user should not be a system admin.
when you look at the ISS advisory you'll see the following:
<quote>
Vendor Notification Schedule:
Initial vendor notification: 1/13/2003
Initial vendor confirmation: 1/13/2003
Final release schedule confirmation: 1/31/2003
<unquote>
And as the news report it,
the US Gestapo ... err ... Department of Homeland Security
hehehehehehehehehehehehehehehehehehehe... but wait that is true and not
very funny at all!.
had the entire matter it under tight wraps to make sure that
everyone had time to prepare their patches. This makes it even more
suspicious that Sun had no patches ready. Not even for Solaris!
Conspiracy abounds... do they plan to put sendmail out of the server market?
--
With best regards,
Michael Stauber
_______________________________________________
cobalt-security mailing list
cobalt-security@xxxxxxxxxxxxxxx
http://list.cobalt.com/mailman/listinfo/cobalt-security
Best Regards,
Paul Jacobs / SR. Network Manager
Microsoft MCP 2000 / Cisco Certified
Design / Install / Troubleshoot / Optimize /
Security of WANs / LANs / Data Recovery
Mon. - Fri. 9AM - 5PM (619)336-1400
http://www.adv-data.com