Re: Bosdev Multiple vulnerabilities
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: Bosdev Multiple vulnerabilities
- From: sales@xxxxxxxxxx
- Date: 13 Nov 2007 00:08:58 -0000
Actually, you've never emailed us.
HTML is stripped from posts, with the exception of admin-allowed tags. The
username XSS issue is already being dealt with in the 6.1 release.
Install.php won't do anything, unless you know the username/password/db name
for the system. Admins are told to remove the file specifically for the reason
listed above.
Next time you say you have emailed someone, you might actually try doing it.