Re: [Full-disclosure] Persistent XSS and CSRF on network appliance [subject corrected :) ]

Due to your extreme uncooperativeness, I will be attempting to
brute force the contents of this advisory in the meantime. Thank
you.

J

On Wed, 27 Jun 2007 16:29:43 -0400 pagvac
<unknown.pentester@xxxxxxxxx> wrote:
The file "research.txt" will be provided once the vendor fixes the
issues. At that point anyone can check that the hash matches the
one
included in this post.

Thank you.

Joey Mengele wrote:
Please provide the original content of research.txt so I can
verify
that the hash is correct. I will also need the hash of your
md5sum.exe. Thanks.

J

On Wed, 27 Jun 2007 16:02:16 -0400 pagvac
<unknown.pentester@xxxxxxxxx> wrote:
The HTTP interface of a network appliance has been researched
and
found to be vulnerable to several persistent XSS and CSRF.

Such research was done by pdp (architect) and myself. We
informed
the
vendor and will publish the details when a fix is available.

The following is the MD5 hash for the advisory file.

$ md5sum.exe research.txt
3db1d71fc3a0eae119617b3b1124206f *research.txt

Regards,

--
pagvac
[http://gnucitizen.org, http://ikwt.com/]

--
Click here for to find products that will help grow your small
business.

http://tagline.hushmail.com/fc/Ioyw6h4eDJc9UN71zvlsGp4ZGBzvqUZDr59L
zooSm6N56gZuYA97Kt/




--
pagvac
[http://gnucitizen.org, http://ikwt.com/]

--
Click for a free comparison on healthcare coverage and save 100's
http://tagline.hushmail.com/fc/Ioyw6h4d8cVJ5gmPcrhhqnHljcbEdlY2ctongGZQzI70rVknLc19WY/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/