| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAAOnDKdouP93+w2RUyh5_P33AEkr4qVsZfawWU4NSK4OTtDLug@mail.gmail.com> Date: Fri, 2 Dec 2011 14:20:33 +0100 From: Michele Orru <antisnatchor@...il.com> To: Piotr Duszynski <piotr@...zynski.eu> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Voxsmart VoxRecord Control Centre - Blind SQLi and auth. bypass Correction or not correction, this VoxSmart tool just sucks. How come they are vulnerable to auth bypass with or 1=1--??? Hey, we're in 2012 (almost)...wake up ahaha Cheers antisnatchor On Fri, Dec 2, 2011 at 10:58 AM, Piotr Duszynski <piotr@...zynski.eu> wrote: > Small correction regarding the time line of this disclosure: > > [Time-line] > 14/11/2011 - Vendor notified > 2/12/2011 - Vendor response > ??? - Vendor patch release > 30/11/2011 - Public disclosure > > Cheers, @drk1wi > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ -- /antisnatchor _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists