The Full Disclosure mailing list is a public forum for detailed discussion of vulnerabilities and exploitation techniques, as well as tools, papers, news, and events of interest to the community. FD differs from other security lists in its open nature and support for researchers' right to decide how to disclose their own discovered bugs. The full disclosure movement has been credited with forcing vendors to better secure their products and to publicly acknowledge and fix flaws rather than hide them. Vendor legal intimidation and censorship attempts are not tolerated here!
This list is meant as a spiritual successor to the grok.org.uk Full-Disclosure list started by Len Rose and John Cartwright in 2002 and terminated abruptly in March 2014 due to bogus legal threats. We are giving this list a fresh start, so members of the old list need to resubscribe here.
This list is run by and for the network security community. Moderation is performed by a team of volunteers using our moderation guidelines. Time is truly of the essence in vulnerability disclosure, so we try to keep the moderation delay short. When we need more moderators we will recruit from the most active and insightful list members.
You must join the list before you can post to it. Submit posts to firstname.lastname@example.org. If you don't want list message delivery to the address you post from, you can disable it in list config.
Posts are publicly archived at the Seclists.org Full Disclosure web archive and the list RSS feed is available there too. Various unofficial archives exist as well. You can prevent archiving (at least for Seclists) by specifying the X-No-Archive mail header in your post, but you might reconsider whether to post such a sensitive message to a public list in the first place.
Given the light moderation policy and that we generally don't verify posted information, and that email forgery is easy, deal with all list content at your own risk! In particular, running any "exploit scripts" or executables posted to this list can be disastrous.
To post a message to all the list members, send email to email@example.com.
You can subscribe to the list, or change your existing subscription, in the sections below.
Subscribe to Fulldisclosure by filling out the following form. You will be sent email requesting confirmation, to prevent others from gratuitously subscribing you. This is a hidden list, which means that the list of members is available only to the list administrator.
|Delivered by Mailman
|Python Powered||Gnu's Not Unix|