Re: Re: MS OWA 2003 Redirection Vulnerability

Actually I have no more chance to test that since I found that vulnerability during a check for a customer.

Thanks for the input however. I will check that the next time. An XSS vulnerability would indeed be nicer than a simple redirection...

Martin Suess

Relevant Pages

  • RE: [Full-disclosure] MSIE (mshtml.dll) OBJECT tag vulnerability
    ... reasonable timeframe, compared to industry averages. ... Nice of you to make that risk assessment for the entire IA community. ... researcher should give the vendor a chance to respond. ... publish the vulnerability and document ...
  • Re: How could we have done better?
    ... and LHO bid 2S after some ... Even at favorable vulnerability, 3N is the spot. ... chance to double here for penalty is tempting..... ... haven't been suckered as lefty leads out five high diamonds. ...
  • Re: Overcall over 1NT?
    ... Is the favorable vulnerability a good reason to use this "toy"? ... you should take fewer risks. ... number when you don't have much chance of picking up a bid swing? ...
  • Re: It seems every firewall is slagged as snake oil. So how should it be done?
    ... It use to be on the ZA forum. ... There is a chance I am slightly off a tad. ... It exploited a vulnerability in Windows' RPC service. ...
  • Re: A Quality Penetration Test
    ... I've once worked for a VAR that sold vulnerability scanning/discovery ... Advanced External Penetration Test that our team delivered to a customer. ... to use those unchecked variables to penetrate into our Customer's Web Server ... automatically dump the contents of the database when executed. ...