Remote code execution vulnerability in most recent versions of the nginx web server. Pending responsible disclosure via Zero Day Initiative and the nginx team
-
-
Only thing that's irresponsible is claiming RCE without getting code exec (this is a generalization; we'll see about this case)
-
What’s irresponsible, is to expect the researchers who are already helping you voluntarily, to further work days for free, just to prove it on your own terms that you have a problem
- 2 more replies
New conversation -
-
-
*actively* lurked, Tavis. Actively.
-
active persistent lurkers
End of conversation
New conversation -
-
-
i worked hard on this PoC and spent over 100 rubles on servers developing it.
- 1 more reply
New conversation -
-
The very phrase “responsible disclosure” is a canard which tends to shame researchers. I prefer “coordinated disclosure”.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@BillyZsigray
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
