On Fri, Aug 06, 2004 at 05:11:19PM -0400, Michael Scheidell wrote: > Have a vulnerability in an IBM product. > sent alert to security@xxxxxxx secure@xxxxxxx and cert@xxxxxxx, all three bounced. > Can anyone tell me the official address or procedure to notify IBM? For AIX-releated flaws, the contact is security-alert@xxxxxxxxxxxxxx For other products... good luck. I also have a vulnerability in an IBM product but I wasn't able to get in touch with anyone. Online forms told me to call a number that is unreachable outside USA. The AIX security officer told me he would find the right contact but I never got anything else since. -- __ /*- Frank DENIS (Jedi/Sector One) <j at 42-Networks.Com> -*\ __ \ '/ <a href="http://www.PureFTPd.Org/";> Secure FTP Server </a> \' / \/ <a href="http://www.Jedi.Claranet.Fr/";> Misc. free software </a> \/
