Full Disclosure: Re: Cisco ACE XML Gateway <= 6.0 Internal IP disclosure

Re: Cisco ACE XML Gateway <= 6.0 Internal IP disclosure

From: Richard Cyrios <r.u.cyrios () gmail com>
Date: Fri, 25 Sep 2009 14:53:52 +1000

24/09/2009    Tonight!, the vulnerability goes public and PSIRT is

informed.

.... and the world is thrown into chaos via an internal IP being disclosed.

08/09/2009    The PSIRT Incident Manager took the ownership of the

vulnerability.

11/09/2009    Developers confirmed the vulnerability. Code fixes and

testing

remained pending.
Green flag given to go public whenever I'd like.


Cos they think it's a gay vuln....

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Cisco ACE XML Gateway <= 6.0 Internal IP disclosure nitrØus (Sep 25)
- Re: Cisco ACE XML Gateway <= 6.0 Internal IPdisclosure Paul Oxman (poxman) (Sep 25)
- <Possible follow-ups>
- Re: Cisco ACE XML Gateway <= 6.0 Internal IP disclosure Richard Cyrios (Sep 25)
  - Re: Cisco ACE XML Gateway <= 6.0 Internal IP disclosure Jeremy Brown (Sep 25)
  - Re: Cisco ACE XML Gateway <= 6.0 Internal IP disclosure Valdis . Kletnieks (Sep 25)