<<< Date Index >>>     <<< Thread Index >>>

Re: Anyone know IBM's security address?



On Fri, Aug 06, 2004 at 05:11:19PM -0400, Michael Scheidell wrote:
> Have a vulnerability in an IBM product.
> sent alert to security@xxxxxxx secure@xxxxxxx and cert@xxxxxxx, all three 
> bounced.
> Can anyone tell me the official address or procedure to notify IBM?

  For AIX-releated flaws, the contact is security-alert@xxxxxxxxxxxxxx
  
  For other products... good luck. I also have a vulnerability in an IBM
product but I wasn't able to get in touch with anyone.

  Online forms told me to call a number that is unreachable outside USA.
  
  The AIX security officer told me he would find the right contact but I
never got anything else since.

-- 
 __  /*-    Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com>    -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a>  \/