Search This Blog

Powered by Blogger.

Blog Archive

Labels

Secunia apologises after accidentally disclosing zero-day vulnerability on public mailing list

Secunia, an international IT Security firm specialized in vulnerability management , has apologized after an unfixed zero-day vulnerability was accidentally sent to a public mailing list.


Secunia, an international IT Security firm specialized in vulnerability management , has apologized after an unpatched zero-day vulnerability was accidentally sent to a public mailing list.

The story published yesterday by Security Week revealed the mistake Secunia made while forwarding the a zero-day details within an image viewing app. The email was supposed to be addressed to the vuln address at Secunia.  However the auto-fill mistake address sent the details to the vim[at]attrition.org.

"While coordinating with the researcher, one email was accidentally sent from Secunia to a public emailing list, thereby making information about one of the vulnerabilities publically available." Secunia commented on the disclosed vulnerability.

"Upon realizing the mistake, Secunia immediately informed the vendor in question, who is currently working to create a patch for the vulnerability. Secunia is going through all procedures to ensure that this cannot happen in future. " 
Share it:

Featured

IT Security News

Secunia

Security News