This doesn't feel like responsible disclosure and is not the way to announce weaknesses in software. It is best to deal with scenarios that have already been addressed.
________________________________ From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On Behalf Of Matt Parsons Sent: Tuesday, March 16, 2010 11:41 AM To: owaspdal...@utdallas.edu Cc: websecur...@webappsec.org; SC-L@securecoding.org Subject: [SC-L] blog post and open source vulnerabilities to blog about Hello, I am working on a software security blog and I am trying to find open source vulnerabilities to present and share. Does anyone else have any open source vulnerabilities that they could share and talk about? I think this could be the best way to learn in the open source community about security. I have a few but I would like to blog about a different piece of code almost every day. God Bless. Matt http://parsonsisconsulting.blogspot.com/ Matt Parsons, MSM, CISSP 315-559-3588 Blackberry 817-294-3789 Home office "Do Good and Fear No Man" Fort Worth, Texas A.K.A The Keyboard Cowboy mailto:mparsons1...@gmail.com http://www.parsonsisconsulting.com http://www.o2-ounceopen.com/o2-power-users/ http://www.linkedin.com/in/parsonsconsulting http://parsonsisconsulting.blogspot.com/ http://www.vimeo.com/8939668 ************************************************************ This communication, including attachments, is for the exclusive use of addressee and may contain proprietary, confidential and/or privileged information. If you are not the intended recipient, any use, copying, disclosure, dissemination or distribution is strictly prohibited. If you are not the intended recipient, please notify the sender immediately by return e-mail, delete this communication and destroy all copies. ************************************************************
<<image001.jpg>>
<<image002.jpg>>
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________