Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Arbor Networks Peakflow SP web interface XSS
From: Jose Nazario <jose () arbor net>
Date: Wed, 4 Apr 2012 16:49:08 -0400 (EDT)

On Tue, 3 Apr 2012, b.saleh () aol com wrote:

#  Exploit Title: Arbor Networks Peakflow SP XSS
#  Date: 03 April 2012

Arbor Networks has reviewed this report. This issue was addressed and fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30, 2011) and later, 5.5 patch 4 (released on December 27, 2011) and later, and 5.6.0 patch 1 (released on September 14, 2011). This is not a current issue, therefore.

Customers who remain concerned should restrict web console access to trusted network locations via network access rules.

For future security issue reports, please use the address security () arbor net to establish communications. Arbor Networks take these reports very seriously and seeks to work with security researchers when possible to remedy any such issue.

jose nazario, ph.d.             <jose () arbor net>
manager of security research    arbor networks
v: (734) 821 1427               http://asert.arbor.net/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]