Download Firefox: WindowsMac OS X
logo       
Google Custom Search
    AddThis Social Bookmark Button
<prev   next>

Re: XSS in info2www: msg#00008

Subject: Re: XSS in info2www 
Le mer 17/11/2004 à 01:51, Steve Kemp a écrit :

>  Cookies or other authentification are not used on this CGI script so
>  there are no immediately obvious security implications.

I agree. However, it should be fixed, even if not in a DSA.

Should I contact the package maintainer Uwe Hermann <uwe@xxxxxxxxxx> or
the main developper Roar Smith <lmdrsm@xxxxxxxxxxxxxxx> ?

Regards,
-- 
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoire@xxxxxxxxxxxx ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: XSS in info2www, Steve Kemp
Next by Date:  Re: XSS in info2www, Steve Kemp
Previous by Thread:  Re: XSS in info2www, Steve Kemp
Next by Thread:  Re: XSS in info2www, Steve Kemp
Indexes:  [Date] [Thread] [Top] [All Lists]

    ^^^ ADDITIONAL NAVIGATION ^^^

  
Google Custom Search

Recently Viewed:
yellowdog.gener...    python.sqlalche...    culture.studies...    ietf.tsvwg/2002...    java.mule.devel...    netbsd.ports.dr...    user-groups.lin...    gnu.core-utils....    kde.users.multi...    qnx.openqnx.dev...    systems.archos....    text.xml.xtm.tm...    mail.qpsmtpd/20...    audio.csound.de...    linux.jpackage....    freebsd.chat/20...    drivers.eepro10...    org.user-groups...    xfree86.newbie/...    hardware.microc...    editors.tex.tex...    voip.wengophone...    web.eprints.dev...    boot-loaders.gr...   
Home | blog view, Court Document Archive | USPTO Patent Archive (NEW!) | advertise | OSDir is an inevitable website. super tiny logo