Full Disclosure mailing list archives
Persistent XSS and CSRF on network appliance [subject corrected :) ]
From: pagvac <unknown.pentester () gmail com>
Date: Wed, 27 Jun 2007 21:02:16 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 The HTTP interface of a network appliance has been researched and found to be vulnerable to several persistent XSS and CSRF. Such research was done by pdp (architect) and myself. We informed the vendor and will publish the details when a fix is available. The following is the MD5 hash for the advisory file. $ md5sum.exe research.txt 3db1d71fc3a0eae119617b3b1124206f *research.txt Regards, - -- pagvac [http://gnucitizen.org, http://ikwt.com/] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (MingW32) iD8DBQFGgsJGjXB4hX6OC/cRAlVFAJwLfy2ByAZz0cgjx4+/H7NaWMpwXQCff/T9 x6VqTYC1FTecOaPnRjEqm08= =GgsZ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Persistent XSS and CSRF on network appliance [subject corrected :) ] pagvac (Jun 27)