As of 9am June 06, 2003 the newsPHP vulnerability I reported in EXPL-A-2003-003 has been corrected, verified and no longer poses a security threat as reported. Donnie Werner and exploitlabs.com express their thanks and kudos to newsPHP for a very prompt resolve. Full Disclosure works, have your site pretested today, contact salesat_private Donnie Werner http://exploitlabs.com morning_woodat_private ----- Original Message ----- From: "NewsPHP_Support" <supportat_private> To: "morning_wood" <se_cur_ityat_private> Cc: <incidentsat_private>; <bugtraqat_private>; <full-disclosureat_private> Sent: Friday, June 06, 2003 2:39 AM Subject: [Full-Disclosure] Re: newsphp - Persistant XSS JavaScript Flaws > Hello morning_wood, > > FIXED! > thanks > > please change the story as issue is - FIXED > > regads > George Dougla > NewsPHP.com > > > > Friday, June 6, 2003, 5:05:51 AM, you wrote: > > ----------------------------------------------------------------- > m> - > m> EXPL-A-2003-003 exploitlabs.com Advisory 003 > ----------------------------------------------------------------- > m> - > m> -=- newsphp -=- > > > m> Thursday June 5th 2003 4pm > m> Donnie Werner > m> http://exploitlabs.com > > m> newsphp - Persistant XSS JavaScript Flaws > m> Full details may be obtained from: > > m> http://exploitlabs.com/files/advisories/expl-a-2003-003-newsphp.txt > > > > -- > regards > > George Douglas > NewsPHP.com > supportat_private > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
This archive was generated by hypermail 2b30 : Fri Jun 06 2003 - 10:03:40 PDT