Full Disclosure mailing list archives

Another example of completely incorrect behavior of vendor: SmartFTP.com

From: "Lorenzo Hernandez Garcia-Hierro" <lorenzohgh () nsrg-security com>
Date: Sat, 11 Oct 2003 20:52:00 +0200

Hi friends,
Here is another example of an incorrect Vendor behavior and cynic response.
You warned them , they patched it and then anothet thing like XSS:,
they say: It is not my responsability.
Go to:
http://advisories.nsrg-security.com/SmartFTP.com-XSS

It is self explanatory.
Enjoy and laught lots of times.
Best Regards.
PS: he patched it but he didn't say , ok , i will patch it , no i'm sure !
hahahha
-------------------------------
0x00->Lorenzo Hernandez Garcia-Hierro
0x01->/* not csh but sh */
0x02->$ PATH=pretending!/usr/ucb/which sense
0x03-> no sense in pretending!
__________________________________
PGP: Keyfingerprint
B6D7 5FCC 78B4 97C1  4010 56BC 0E5F 2AB2
ID: 0x9C38E1D7
**********************************
No Secure Root Group Security Research Team
http://www.nsrg-security.com
______________________


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Another example of completely incorrect behavior of vendor: SmartFTP.com Lorenzo Hernandez Garcia-Hierro (Oct 11)