Bugtraq mailing list archives
[openwebmail] Fw: Re: XSS bug.
From: "A. Ramos" <aramosf () unsec net>
Date: Thu, 3 Jun 2004 14:43:27 +0200
Hello all, Its a forward message from openwebmail bugtraq system with the problem and the solution ;-) ---------- Forwarded Message ----------- From: "openwebmail" <openwebmail () turtle ee ncku edu tw> To: "aramosf" <aramosf () unsec net> Sent: Thu, 3 Jun 2004 20:30:07 +0800 Subject: Re: XSS bug. On Wed, 2 Jun 2004 18:15:06 +0200, aramosf wrote
Hello, I tried to exploit openwebmail 2.32 (latest stable) with the same adv of SquireMail from RomanSoft, http://www.rs-labs.com/adv/RS-Labs- Advisory-2004-1.txt, and the openwebmail is vulnerable too. -- A. Ramos <aka dab> http://www.unsec.net
Hi, Thanks for the bug report, it has been fixed in the latest openwebmail-current.tgz. Regards. tung -- Distributed System Laboratory (http://dslab.ee.ncku.edu.tw) Department of Electrical Engineering National Cheng Kung University, Tainan, Taiwan, R.O.C. ------- End of Forwarded Message ------- -- A. Ramos <aka dab> http://www.unsec.net
Current thread:
- [openwebmail] Fw: Re: XSS bug. A. Ramos (Jun 04)