Full disclosure (mailing list)
Full disclosure was an unmoderated security mailing list generally used for discussion about information security and disclosure of vulnerabilities. The list was created on 9 July 2002 by Len Rose and was administered by Len Rose, who later handed it off to John Cartwright. After Len Rose shut down netsys.com, the list was hosted and sponsored by Secunia.[1]
On 25 March 2014 the Full Disclosure mailing list was "rebooted" by Fyodor. [2] The site is now part of seclists.org and no longer associated with grok.org.uk.
Notable 0-days first disclosed in Full-disclosure
| Email subject | Software | Date | Ref. |
|---|---|---|---|
| The history of a -probably- 13 years old Oracle bug: TNS Poison | Oracle Database | 2012-04-18 | [3] |
| Apacher Killer | Apache HTTP Server | 2011-08-26 | [4] |
| Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly | Microsoft Windows Help and Support Center | 2010-06-10 | [5] |
References
- ↑ "Full-Disclosure Mailing List Charter".
- ↑ Fyodor (2014-03-26). "Rebooting the Full Disclosure list". Retrieved 2014-03-26.
- ↑ "Unpatched Oracle database vulnerability accidentally disclosed".
- ↑ "Defending Against The 'Apache Killer' Exploit".
- ↑ "Google researcher gives Microsoft 5 days to fix XP zero-day bug".