Posted by Douglas Held on Jun 09

Dear Fulldisclosure,

I submitted the below vulnerability to the HP Zero Day Initiative. They
responded that they are not interested in vulnerabilities in this
“product”. Further, I tried to contact one of the authors Eric A. Young;
the email bounced.

I am busy with my day job and do not have the resources to identify a fix
team for TinySRP. I hope this potential vulnerability finds its way to
someone who can evaluate it critically….