[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 4 Apr 2012 16:49:08 -0400 (EDT)
From: Jose Nazario <jose@...or.net>
To: b.saleh@....com
cc: bugtraq@...urityfocus.com
Subject: Re: Arbor Networks Peakflow SP web interface XSS
On Tue, 3 Apr 2012, b.saleh@....com wrote:
> # Exploit Title: Arbor Networks Peakflow SP XSS
> # Date: 03 April 2012
Arbor Networks has reviewed this report. This issue was addressed and
fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30,
2011) and later, 5.5 patch 4 (released on December 27, 2011) and later,
and 5.6.0 patch 1 (released on September 14, 2011). This is not a current
issue, therefore.
Customers who remain concerned should restrict web console access to
trusted network locations via network access rules.
For future security issue reports, please use the address
security@...or.net to establish communications. Arbor Networks take these
reports very seriously and seeks to work with security researchers when
possible to remedy any such issue.
-------------------------------------------------------------
jose nazario, ph.d. <jose@...or.net>
manager of security research arbor networks
v: (734) 821 1427 http://asert.arbor.net/
Powered by blists - more mailing lists