[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Gnump3d-users] Security: HUGE security hole
From: |
Kevin Reilly |
Subject: |
Re: [Gnump3d-users] Security: HUGE security hole |
Date: |
Fri, 23 Jul 2004 18:35:40 +0100 |
User-agent: |
Turnpike/6.03-U (<3CAOX4GbMHX04iiN8GMywm0O2b>) |
On Tue, 20 Jul 2004 Boris Kurktchiev wrote:
http://localhost:8888/<SCRIPT>alert('Vulnerable')</SCRIPT>.jsp
but I couldn't get this to work. PLEASE fix the first hole though.
I just checked the Windows version of 2.8 and it's certainly vulnerable
to this, which came as quite a revelation. Obviously it's not vulnerable
to the password file issue (at least not in the way stated) but there
may be other nasties lurking in there.
--
Kev
__________________________________________________________________________
"The patient was in his usual state of good health until his airplane ran
out of gas and crashed." Medical chart entry