Re: Anyone know IBM's security address?

To: Michael Scheidell <scheidell@xxxxxxxxxx>
Subject: Re: Anyone know IBM's security address?
From: Jedi/Sector One <j@xxxxxxxxxxxx>
Date: Fri, 6 Aug 2004 23:42:21 +0200
Cc: full-disclosure@xxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <B3BCAF4246A8A84983A80DAB50FE724214B122@xxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <B3BCAF4246A8A84983A80DAB50FE724214B122@xxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.6i

On Fri, Aug 06, 2004 at 05:11:19PM -0400, Michael Scheidell wrote:
> Have a vulnerability in an IBM product.
> sent alert to security@xxxxxxx secure@xxxxxxx and cert@xxxxxxx, all three 
> bounced.
> Can anyone tell me the official address or procedure to notify IBM?

  For AIX-releated flaws, the contact is security-alert@xxxxxxxxxxxxxx

  For other products... good luck. I also have a vulnerability in an IBM
product but I wasn't able to get in touch with anyone.

  Online forms told me to call a number that is unreachable outside USA.

  The AIX security officer told me he would find the right contact but I
never got anything else since.

-- 
 __  /*-    Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com>    -*\  __
 \ '/    <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a>    \' /
  \/  <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a>  \/

References:
- Anyone know IBM's security address?
  - From: Michael Scheidell

Prev by Date: Re: GNU/Linux 'info Buffer Overflow
Next by Date: SuSE Linux K-Menu YAST Control Center Priviledge Escalation Vulnerability
Previous by thread: Anyone know IBM's security address?
Next by thread: xss in moodle (post.php)
Index(es):
- Date
- Thread