Full Disclosure mailing list archives
Re: Netgear SSL312 XSS vulnerability
From: "Lolek of TK53" <lolek1337 () googlemail com>
Date: Thu, 18 Oct 2007 19:06:25 +0200
Yoyo, On 10/17/07, rembrandt () jpberlin de <rembrandt () jpberlin de> wrote:
Dear SkyOut, dear Packetstorm team (tedd :)) and dear List. The author brocke a NDA during the releasing of this "uber"-Advisory. Skyout: What the fuck is wrong with u? Even ignoring our mails... wow? We provided the Router, told him to take a look and he angreed to a NDA. Do I care if you release a XSS? Hell no... But I care if you accapted a NDA because of other internal things. Did you found it by yourself? Well not realy... (We provided a router, told you to take a look for XSS....) Is it uber-critical?
Lol whoever you are, you are going to do an NDA for an XSS in a router firmware web interface? I fail to see a real security issue ;D Cheers Lolek _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Netgear SSL312 XSS vulnerability SkyOut (Oct 13)
- Re: Netgear SSL312 XSS vulnerability rembrandt (Oct 18)
- Re: Netgear SSL312 XSS vulnerability Lolek of TK53 (Oct 18)
- <Possible follow-ups>
- Re: Netgear SSL312 XSS vulnerability full-disclosure (Oct 18)
- Re: Netgear SSL312 XSS vulnerability jpk (Oct 19)
- Re: Netgear SSL312 XSS vulnerability full-disclosure (Oct 19)
- Re: Netgear SSL312 XSS vulnerability full-disclosure (Oct 19)
- Re: Netgear SSL312 XSS vulnerability rembrandt (Oct 18)