Re: Anyone here read vuln-dev?

From: Henrik Nordstrom <hno@dont-contact.us>
Date: Sun, 29 Oct 2000 22:31:15 +0100

Robert Collins wrote:

> > The error page generation is the most critical as this is exploitable at
> > the client to do cross-site scripting. The other mostly fails..

Correction: The other are also vulnerable to cross-site scripting issues
IF there is a insecure ftp/gopher server on the same server and the
attacker can update content on those servers but not the web server..

/Henrik
Received on Sun Oct 29 2000 - 14:54:30 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:12:53 MST