Vulneraibilty Asesment report in NASA.GOV Websites [not finished , only news]

["Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>]

Hi friends,
Umm, i've seen that my message about some NASA.gov websites vulnerabilities
became a little flame so,
i'm finishing a report that includes in nice html format:
-info about SQL injections
-info about XSS
-info about  a denial of service that i found in a Cold Fusion script.
-info about the incorrect access control to an administrative part of a
website ( i could access to the administration area )
So, wait for news because i contacted NASA staff :
___
John R. Ray, Mgr.
NASA Competency Center
Information Technology Security
___
After the systems patching they will allow me to make public the report.
Thanks to everybody in this list.
Best regards to all and have nice time !
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
4ACC D892 05F9 74F1 F453  7D62 6B4E B53E 9180 5F5B
ID: 0x91805F5B
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html