[VIM] Vendor dispute of Land Down Under issues
security curmudgeon
jericho at attrition.org
Mon Aug 29 16:59:48 EDT 2005
: The front page of the Land Down Under site includes a news item
: "Regarding LDU at SecurityFocus.com" that disputes the original claims
: of SQL injection/XSS issues in LDU:
:
: Regarding LDU at SecurityFocus.com
: 21-08-2005 05:25
: Since yesterday there's 2 new items about LDU at
: http://www.securityfocus.com, about "security exploits" that may
: affect LDU build 800. None of the tricks written there are working,
: the variables are properly sanitized and no LDU version is
: affected. This morning I notified the moderators of the site.
:
: The 2 articles are here :
:
: http://securityfocus.com/bid/14618/exploit
: http://securityfocus.com/bid/14619/exploit
:
: I'll post here as soon as possible if there's updates regarding this
: topic.
:
: *UPDATE*
:
: A little "Hello!" to all the people trying the non-working URLs here
: at Neocrome.net, you will be forever famous in the log :]
Interesting. Original disclosure AND two subsequent posts with
vulnerabilities. Makes me wonder if LDU is playing the 'deny everything'
game...
Sat Aug 20 2005
http://archives.neohapsis.com/archives/bugtraq/2005-08/0277.html
Sun Aug 28 2005
http://archives.neohapsis.com/archives/bugtraq/2005-08/0395.html
Mon Aug 29 2005
http://archives.neohapsis.com/archives/fulldisclosure/2005-08/0988.html
More information about the VIM
mailing list