Re: [Plugins-writers] compaqdiag and false positives

• Previous message: Michel Arboi: "Re: [Plugins-writers] Modification of Plugin 11033 to Supress Some Output"
• In reply to: Jon Passki: "[Plugins-writers] compaqdiag and false positives"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Thu, 2005-02-17 at 08:56 -0800, Jon Passki wrote:
> <head><META HTTP-EQUIV="refresh"
> CONTENT="0;URL=https://192.168.118.33:2381/_vti_pvt%5caccess.cnf"></head><H2>Unable
> to complete your request due to added security features</H2>

So it _is_ vulnerable to XSS.
The problem is elsewhere: as this is a generic XSS, the message should
appear only once.
This happens when cross_site_scripting.nasl missed the flaw for whatever
reason (network glitch?)


_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Michel Arboi: "Re: [Plugins-writers] Modification of Plugin 11033 to Supress Some Output"
• In reply to: Jon Passki: "[Plugins-writers] compaqdiag and false positives"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Sat Feb 19 2005 - 06:44:36 PST