Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Persistent XSS and CSRF and on network appliance
From: pagvac <unknown.pentester () gmail com>
Date: Wed, 27 Jun 2007 20:59:28 +0100

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
The HTTP interface of a network appliance has been researched and
found to be vulnerable to several persistent XSS and CSRF.

Such research was done by pdp (architect) and myself. We informed the
vendor and will publish the details when a fix is available.

The following is the MD5 hash for the advisory file.

$ md5sum.exe research.txt
3db1d71fc3a0eae119617b3b1124206f  *research.txt

Regards,

- --
pagvac
[http://gnucitizen.org, http://ikwt.com/]

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (MingW32)
 
iD8DBQFGgsGdjXB4hX6OC/cRAnwiAKCVI2JC4JNMvWXa3U/4b7WlH4FIfwCg1bL9
4ch1PaYvt6TSWtKVJX2cfgs=
=Ls8N
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]