[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: Re[2]: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability
From: Alexandr Polyakov <alexandr.polyakov () dsec ! ru>
Date: 2009-02-27 9:59:13
Message-ID: 1896778957.20090227125913 () dsec ! ru
[Download RAW message or body]
Здравствуйте, Vladimir.
ы писали 26 февраля 2009 г., 21:46:28:
> Dear Digital Security Research Group,
> --Thursday, February 26, 2009, 7:40:50 PM, you wrote to bugtraq@securityfocus.com:
DSRG>> Application: APC PowerChute Network Shutdown's Web \
Interface DSRG>> Vendor URL: http://www.apc.com/
DSRG>> Bug: XSS/Response Splitting
DSRG>> Solution: Use Firewall
> Just wonder: how can firewall to protect against XSS/response splitting?
This Solution taken from vendors advice.
Polyakov Alexandr
Information Security Analyst
______________________
DIGITAL SECURITY
phone: +7 812 703 1547
+7 812 430 9130
e-mail: a.polyakov@dsec.ru
www.dsec.ru
-----------------------------------
This message and any attachment are confidential and may be privileged or otherwise \
protected from disclosure. If you are not the intended recipient any use, \
distribution, copying or disclosure is strictly prohibited. If you have received \
this message in error, please notify the sender immediately either by telephone or \
by e-mail and delete this message and any attachment from your system. Correspondence \
via e-mail is for information purposes only. Digital Security neither makes nor \
accepts legally binding statements by e-mail unless otherwise agreed.
-----------------------------------
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic