| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <00cb01c39028$c69745c0$050010ac@Estila> Date: Sat, 11 Oct 2003 20:52:00 +0200 From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh@...g-security.com> To: "Full-Disclosure" <full-disclosure@...ts.netsys.com> Cc: "BUGTRAQ" <bugtraq@...urityfocus.com> Subject: Another example of completely incorrect behavior of vendor: SmartFTP.com Hi friends, Here is another example of an incorrect Vendor behavior and cynic response. You warned them , they patched it and then anothet thing like XSS:, they say: It is not my responsability. Go to: http://advisories.nsrg-security.com/SmartFTP.com-XSS It is self explanatory. Enjoy and laught lots of times. Best Regards. PS: he patched it but he didn't say , ok , i will patch it , no i'm sure ! hahahha ------------------------------- 0x00->Lorenzo Hernandez Garcia-Hierro 0x01->/* not csh but sh */ 0x02->$ PATH=pretending!/usr/ucb/which sense 0x03-> no sense in pretending! __________________________________ PGP: Keyfingerprint B6D7 5FCC 78B4 97C1 4010 56BC 0E5F 2AB2 ID: 0x9C38E1D7 ********************************** No Secure Root Group Security Research Team http://www.nsrg-security.com ______________________ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists