| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Jun 2004 14:43:27 +0200 From: "A. Ramos" <aramosf@...ec.net> To: dsr@...tas.rs-labs.com Cc: bugtraq@...urityfocus.com Subject: [openwebmail] Fw: Re: XSS bug. Hello all, Its a forward message from openwebmail bugtraq system with the problem and the solution ;-) ---------- Forwarded Message ----------- From: "openwebmail" <openwebmail@...tle.ee.ncku.edu.tw> To: "aramosf" <aramosf@...ec.net> Sent: Thu, 3 Jun 2004 20:30:07 +0800 Subject: Re: XSS bug. On Wed, 2 Jun 2004 18:15:06 +0200, aramosf wrote > Hello, > > I tried to exploit openwebmail 2.32 (latest stable) with the same > adv of SquireMail from RomanSoft, http://www.rs-labs.com/adv/RS-Labs- > Advisory-2004-1.txt, and the openwebmail is vulnerable too. > > -- > A. Ramos <aka dab> > http://www.unsec.net Hi, Thanks for the bug report, it has been fixed in the latest openwebmail-current.tgz. Regards. tung -- Distributed System Laboratory (http://dslab.ee.ncku.edu.tw) Department of Electrical Engineering National Cheng Kung University, Tainan, Taiwan, R.O.C. ------- End of Forwarded Message ------- -- A. Ramos <aka dab> http://www.unsec.net
Powered by blists - more mailing lists