| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 4 Apr 2012 16:49:08 -0400 (EDT) From: Jose Nazario <jose@...or.net> To: b.saleh@....com cc: bugtraq@...urityfocus.com Subject: Re: Arbor Networks Peakflow SP web interface XSS On Tue, 3 Apr 2012, b.saleh@....com wrote: > # Exploit Title: Arbor Networks Peakflow SP XSS > # Date: 03 April 2012 Arbor Networks has reviewed this report. This issue was addressed and fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30, 2011) and later, 5.5 patch 4 (released on December 27, 2011) and later, and 5.6.0 patch 1 (released on September 14, 2011). This is not a current issue, therefore. Customers who remain concerned should restrict web console access to trusted network locations via network access rules. For future security issue reports, please use the address security@...or.net to establish communications. Arbor Networks take these reports very seriously and seeks to work with security researchers when possible to remedy any such issue. ------------------------------------------------------------- jose nazario, ph.d. <jose@...or.net> manager of security research arbor networks v: (734) 821 1427 http://asert.arbor.net/
Powered by blists - more mailing lists