Re: Allaire JRUN Cross Site Scripting Check

From: Noam Rathaus (noamrat_private)
Date: Wed Nov 14 2001 - 23:08:13 PST

Next message: Noam Rathaus: "Re: Allaire JRUN Cross Site Scripting Check"

Previous message: sq: "Re: Allaire JRUN Cross Site Scripting Check"
In reply to: sq: "Re: Allaire JRUN Cross Site Scripting Check"
Next in thread: Noam Rathaus: "Re: Allaire JRUN Cross Site Scripting Check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

Just one thing, this plugin will detect an .SHTML based CSS, while the original
one will also detect such vulnerability. This would cause a duplicate
true?/false? positive.

Maybe it is worth checking for an Allaris server signature?

Thanks
Noam Rathaus
http://www.SecurITeam.com
http://www.BeyondSecurity.com

----- Original Message -----
From: "sq" <sqat_private>
To: <plugins-writersat_private>
Sent: Wednesday, November 14, 2001 18:03
Subject: Re: Allaire JRUN Cross Site Scripting Check


> Thanks in large part to Felix Huber showing me how to write a "for" loop
> in nasl <g>, this check seems to be working great.  I still don't have
> an Allaire JRUN 2.x installation to test against, so if someone does,
> please try.
>
> Now what happens with the plugin? Sorry, I'm new to the nasl dev side.
>
> Regards,
> Chris Sullo
>
>
>

Next message: Noam Rathaus: "Re: Allaire JRUN Cross Site Scripting Check"
Previous message: sq: "Re: Allaire JRUN Cross Site Scripting Check"
In reply to: sq: "Re: Allaire JRUN Cross Site Scripting Check"
Next in thread: Noam Rathaus: "Re: Allaire JRUN Cross Site Scripting Check"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 14 2001 - 23:14:40 PST