The following from an artical :-
http://www.newsforge.com/article.pl?sid=04/08/05/1236234
It turns out I was going about the process of vulnerability notification all wrong. I should have gone to the United States Computer Emergency Readiness Team to report them.
The US-CERT home page provides an email address [EMAIL PROTECTED] for reporting vulnerabilities. If you use it, you will receive more detailed instructions on how to complete this form.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
