-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, On 29.May.2004, I disclosed an important XSS vulnerability in latest versions of a well-known webmail: SquirrelMail. Upon publication I received the notice that other important webmails were also vulnerable to the same bug. Indeed the same exploits released for SquirrelMail worked without any changes in these systems. I decided to contact several other webmail vendors and ask directly to check their software and confirm or deny the vulnerability. The purpose of this brief advisory is to provide you with the collected info in an objective and summarized way. PS: Sorry for the big delay. Saludos, --Roman - -- PGP Fingerprint: 09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742 [Key ID: 0xEAD56742. Available at KeyServ] -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com> iQA/AwUBQOmPneR/in3q1WdCEQKHUQCfaNoy7mu+g0AKsK9LFiwVyT5zXJEAoIzW h0imdE0FayaQLIFBiX47hpHW =9k38 -----END PGP SIGNATURE-----
This archive was generated by hypermail 2.1.3 : Mon Jul 05 2004 - 13:46:44 PDT