Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20121021153836.GA27958@openwall.com>
Date: Sun, 21 Oct 2012 19:38:36 +0400
From: Solar Designer <solar@...nwall.com>
To: oss-security@...ts.openwall.com
Cc: YGN Ethical Hacker Group <lists@...g.net>
Subject: Re: F5 FirePass SSL VPN 4xxx Series | Arbitrary URL Redirection

Tim,

On Sun, Oct 21, 2012 at 03:24:34PM +0100, Tim Brown wrote:
> I'm sure I will be corrected if I'm wrong in stating this.  But oss-security 
> is for the discussion of previously disclosed issues that affect F/OSS.  There 
> are doubtless some edge cases but I don't believe that the discussion of an 
> issue relating to BIG-IP F5s (a commerical, closed source product) has any 
> relevance to the oss-security list.   Please try and ensure you only email 
> this list when you require action from F/OSS developers and/or distributions.

Thank you for pointing this out!  I was under impression that YGN
Ethical Hacker Group knew what this list was for, after they had made
multiple on topic postings in the past.  Some [smaller] router firmware
is in fact Open Source.

I'm sorry that, as a list moderator, I let YEHG's original posting and a
follow-up through.  We'll reject further postings to this thread, unless
there are any on list policies and such rather than on the off-topic
vulnerability.

Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.