| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <948742514.20090226214628@SECURITY.NNOV.RU> Date: Thu, 26 Feb 2009 21:46:28 +0300 From: "Vladimir '3APA3A' Dubrovin" <3APA3A@...URITY.NNOV.RU> To: Digital Security Research Group <research@...c.ru> Cc: bugtraq@...urityfocus.com, vuln@...unia.com, packet@...ketstormsecurity.org Subject: Re: [DSECRG-09-009] APC PowerChute Network Shutdown's Web Interface - XSS vulnerability Dear Digital Security Research Group, --Thursday, February 26, 2009, 7:40:50 PM, you wrote to bugtraq@...urityfocus.com: DSRG> Application: APC PowerChute Network Shutdown's Web Interface DSRG> Vendor URL: http://www.apc.com/ DSRG> Bug: XSS/Response Splitting DSRG> Solution: Use Firewall Just wonder: how can firewall to protect against XSS/response splitting? -- Skype: Vladimir.Dubrovin ~/ZARAZA http://securityvulns.com/
Powered by blists - more mailing lists