oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: zenoss issues

From: Thomas Pollet <thomas.pollet () gmail com>
Date: Fri, 24 Aug 2012 12:04:06 +0200
Hi,

I have found that zenoss displays snmp output like syslocation unfiltered
in the web interface.
http://jira.zenoss.com/jira/browse/ZEN-3192
I suspect there are many more bugs in this package.

Regards,
Thomas

On 24 August 2012 09:33, Thomas Pollet <thomas.pollet () gmail com> wrote:


Hello,

I have found xss and command execution problems with zenoss. I created a
bugreport which can be found at
http://jira.zenoss.com/jira/browse/ZEN-3183 . However the zenoss
developers don't seem to be able to reproduce the issues.

Another issue, reported by Emanuel Bronshtein can be found at
http://jira.zenoss.com/jira/browse/ZEN-3153

Regards,
Thomas Pollet
Previous By Date Next
Previous By Thread Next

Current thread: