Full Disclosure mailing list archives
Re: Persistent XSS and CSRF on network appliance [subject corrected :) ]
From: "Joey Mengele" <joey.mengele () hushmail com>
Date: Wed, 27 Jun 2007 16:14:43 -0400
Please provide the original content of research.txt so I can verify that the hash is correct. I will also need the hash of your md5sum.exe. Thanks. J On Wed, 27 Jun 2007 16:02:16 -0400 pagvac <unknown.pentester () gmail com> wrote:
The HTTP interface of a network appliance has been researched and found to be vulnerable to several persistent XSS and CSRF. Such research was done by pdp (architect) and myself. We informed the vendor and will publish the details when a fix is available. The following is the MD5 hash for the advisory file. $ md5sum.exe research.txt 3db1d71fc3a0eae119617b3b1124206f *research.txt Regards, -- pagvac [http://gnucitizen.org, http://ikwt.com/]
-- Click here for free information on consolidating your debt. http://tagline.hushmail.com/fc/Ioyw6h4d717AWsBGaRw0XRcSdPtiOutR2LutWBLFUUILfQosdj12pq/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] Joey Mengele (Jun 27)
- <Possible follow-ups>
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] Joey Mengele (Jun 27)
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] Joey Mengele (Jun 27)
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] pagvac (Jun 27)
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] pagvac (Jun 27)
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] Dr. Neal Krawetz PhD (Jun 27)
- Message not available
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] Dr. Neal Krawetz PhD (Jun 27)
- Re: Persistent XSS and CSRF on network appliance [subject corrected :) ] coderman (Jun 27)