lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Thu Aug  4 20:27:01 2005
From: toddtowles at brookshires.com (Todd Towles)
Subject: taking their revenge @ cisco

Well, I won't fight that one. But web-app holes are well understood and
are not related to problems found in the IOS. I really don't see how
people can confuse them.


> -----Original Message-----
> From: full-disclosure-bounces@...ts.grok.org.uk 
> [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf 
> Of Michael Holstein
> Sent: Thursday, August 04, 2005 2:01 PM
> To: full-disclosure@...ts.grok.org.uk
> Subject: Re: [Full-disclosure] taking their revenge @ cisco
> 
> > It have nothing to do with a IOS at all. All the other SQL 
> injection 
> > that happen in the world have nothing to do with Cisco IOS 
> flaws. This 
> > is a pure case of the search function being open to SQL injection.
> > Therefore it is a design/code problem in one of the three web-app 
> > tiers of the website.
> 
> Yeah .. but I guess their "Self Defending Network" well, um ...
> 
> DIDN'T.
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
> 

Powered by blists - more mailing lists