Re: Netgear SSL312 XSS vulnerability

[<full-disclosure () mac hush com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

LOL!

- -JP<uncreative today>

On Thu, 18 Oct 2007 13:06:25 -0400 Lolek of TK53
<lolek1337 () googlemail com> wrote:
> Yoyo,
> On 10/17/07, rembrandt () jpberlin de <rembrandt () jpberlin de> wrote:
> > Dear SkyOut, dear Packetstorm team (tedd :)) and dear List.
> >
> > The author brocke a NDA during the releasing of this "uber"-
> Advisory.
> > Skyout: What the fuck is wrong with u? Even ignoring our
> mails... wow?
> > We provided the Router, told him to take a look and he angreed
> to a NDA.
> > Do I care if you release a XSS? Hell no...
> > But I care if you accapted a NDA because of other internal
> things.
> > Did you found it by yourself? Well not realy... (We provided a
> router,
> > told you to take a look for XSS....) Is it uber-critical?
>
> Lol whoever you are, you are going to do an NDA for an XSS in a
> router
> firmware web interface?
> I fail to see a real security issue ;D
> Cheers
> Lolek
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Charset: UTF8
Version: Hush 2.5

wpwEAQECAAYFAkcYrsAACgkQqTTbVuUWvbIvnwQAoI4dwOtHt5KAd3rRB2SA2Lcxf6ec
dRq9nOa5XfnGwIO7x1GbEGsCLRT3gVDSEb7ep+5WUNiGOyQqWbYA4X+oM/8xIS7OVRJi
KUtuXM0RQAh+hRTs1PEu6RpCPdk6lCclfWRCGMoWEBW+V+fG/p49BmvTAh7MeCTflred
tiYwqpk=
=H+ls
-----END PGP SIGNATURE-----


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/