Re: UBB vulnerablietis + about: using example

[David Dreezer <bugtraq () infopop com>]

Mailer: SecurityFocus
In-Reply-To: <15722392656.20011116021050 () hostel tusur ru>

This has been filtered in our product since version 
5.47e, released February 21, 2001

line 767 ubb_library.cgi

if ($ThePost =~ /\ONERROR\s*=/i) {
        &StandardHTML("Illegal HTML tag, 
ONERROR");
        exit;

line 709 of the latest version.

Perhaps had you followed the accepted procedures 
and notified us, the vendor, ahead of time we could 
have pointed this out to you.

Actions such as this reduce the value of bugtraq.