BugTraq
Arbor Networks Peakflow SP web interface XSS Apr 03 2012 07:27PM
b saleh aol com (2 replies)
Re: Arbor Networks Peakflow SP web interface XSS Apr 04 2012 09:56PM
Jose Nazario (jose arbor net)
Re: Arbor Networks Peakflow SP web interface XSS Apr 04 2012 08:49PM
Jose Nazario (jose arbor net)
On Tue, 3 Apr 2012, b.saleh (at) aol (dot) com [email concealed] wrote:

> # Exploit Title: Arbor Networks Peakflow SP XSS
> # Date: 03 April 2012

Arbor Networks has reviewed this report. This issue was addressed and
fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30,
2011) and later, 5.5 patch 4 (released on December 27, 2011) and later,
and 5.6.0 patch 1 (released on September 14, 2011). This is not a current
issue, therefore.

Customers who remain concerned should restrict web console access to
trusted network locations via network access rules.

For future security issue reports, please use the address
security (at) arbor (dot) net [email concealed] to establish communications. Arbor Networks take these
reports very seriously and seeks to work with security researchers when
possible to remedy any such issue.

-------------------------------------------------------------
jose nazario, ph.d. <jose (at) arbor (dot) net [email concealed]>
manager of security research arbor networks
v: (734) 821 1427 http://asert.arbor.net/

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus