<<< Date Index >>>     <<< Thread Index >>>

RE: Re[2]: [Full-disclosure] Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)



 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> -----Original message-----
> From: 3APA3A [mailto:3APA3A@xxxxxxxxxxxxxxxx] 
> 
>  secure@xxxxxxxxxxxxxxxxx was contacted about this same 
> vulnerability in  Panda  Antivirus  2007  on August, 11 2006 
> (more than year ago) without  any results and response, until 
> information was published in Bugtraq.

The vulnerability response team was created in 10/2006 to manage
vulnerability reports and create fixes as necessary. 


>  As  far,  as  I  can  see, pandasecurity.com is Swedish 
> domain of Panda  while  pandasoftware.com  is  international  
> one.  I believe it's quite  reasonable   to   have 
> secure@xxxxxxxxxxxxxxxxx  to  be   forwarded  to
> secure@xxxxxxxxxxxxxxxxx, don't you think so?

Re: secure@xxxxxxxxxxxxxxxxx & secure@xxxxxxxxxxxxxxxxx, it's the
same contact mailbox at the Panda HQ domain in Spain (.es), not
Sweden (.se). Public key attached.

Regards,

- ----------------------------------------------
Pedro Bustamante
Senior Research Advisor
Panda Security

email: pedro.bustamante@xxxxxxxxxxxxxxxxx <0xC684A6F9>
vulns: secure@xxxxxxxxxxxxxxxxx <0x70F3FEA0>
phone: (+34) 91-8063700
blog:  http://research.pandasoftware.com 
- ----------------------------------------------



-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRvdrw46s6aZw8/6gEQJ+bACfWyLJHFMarDWRU1h/sbD7xttIUmkAoO2W
lMvAKwSZDMPuCx7yCnEFnQ+y
=wLME
-----END PGP SIGNATURE-----
 

Attachment: Panda Security Response.asc
Description: Panda Security Response.asc