[Full-disclosure] Secunia jumps on vuln reward bandwagon
d.martyn.fulldisclosure at gmail.com
Fri Nov 4 11:10:35 GMT 2011
I know it sounds lame, but getting even a free coffee mug for disclosing an
XSS or similar is not bad as far as I am concerned.
But out of curiosity, which companies (eg, ZDI) accept web app bugs? Say,
RCE bugs in a bunch of popular web apps or e-commerce applications? Or
LFI/Path traversal bugs in other e-commerce/blogging/admin applets? I would
love to know!
On Fri, Nov 4, 2011 at 9:09 AM, Georgi Guninski <guninski at guninski.com>wrote:
> On Fri, Nov 04, 2011 at 05:13:07AM +1100, GloW - XD wrote:
> > Well, no comment, or comment.... its hard to comment on this one :P
> > Although, i will say it is good and encouraging to see more security
> > teams atleast offering *something*
> > :)
> > love the list...oh yea baby oh yea
> the list is not bad, we have celebrity flamers like GNAA themselves here ;)
> i won't be surprised if the list owner (whoever he/she is) sell the list
> at good opportunity (like aleph1 ruined bugtraq).
> appears to me secunia gets too much advertisement by injecting
> their spam signature for the cost of hosting and sponsoring,
> though this is up to the list owner.
> SPAM: vvvvv
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-------------- next part --------------
An HTML attachment was scrubbed...
Full-Disclosure is hosted and sponsored by Secunia.