lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sun, 13 May 2007 14:42:53 +0300
From: Solarius <ville.solarius@...il.com>
To: Jim Harrison <Jim@...tools.org>
Cc: bugtraq@...urityfocus.com
Subject: Re: XSS in Microsoft SharePoint

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jim Harrison wrote:
> Tried and failed.
> Exactly how have you configured your test SP site?

I think it is in newest SharePointServer but I haven't investigated yet
how wide the problem is.
But I have tried it to couple SP(server?) installations in the Internet,
and it seems to work on all new versions (2007, that is).

Microsoft Security Response Team is currently investigating the issue,
they should be able to tell more.
(they should have better lab than I have;))

Btw, sorry about delayed response, i have been too busy.

- --
Regards,
Solarius - http://www.solarius.name
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGRvm9jnBbTfuxhusRAkGoAKC9wQgcehS8NOhlNg9Hoxc1FUAXSgCfUBdl
zJ0HWvYmeG0tXzJ02Eo2mIw=
=oPjl
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux - Powered by OpenVZ