Bugtraq mailing list archives
Re: Arbor Networks Peakflow SP web interface XSS
From: Jose Nazario <jose () arbor net>
Date: Wed, 4 Apr 2012 16:49:08 -0400 (EDT)
On Tue, 3 Apr 2012, b.saleh () aol com wrote:
# Exploit Title: Arbor Networks Peakflow SP XSS # Date: 03 April 2012
Arbor Networks has reviewed this report. This issue was addressed and fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30, 2011) and later, 5.5 patch 4 (released on December 27, 2011) and later, and 5.6.0 patch 1 (released on September 14, 2011). This is not a current issue, therefore.
Customers who remain concerned should restrict web console access to trusted network locations via network access rules.
For future security issue reports, please use the address security () arbor net to establish communications. Arbor Networks take these reports very seriously and seeks to work with security researchers when possible to remedy any such issue.
------------------------------------------------------------- jose nazario, ph.d. <jose () arbor net> manager of security research arbor networks v: (734) 821 1427 http://asert.arbor.net/
Current thread:
- Arbor Networks Peakflow SP web interface XSS b . saleh (Apr 04)
- Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 04)
- Re: Arbor Networks Peakflow SP web interface XSS Jose Nazario (Apr 05)