Re: [Plugins-writers] www_expect_xss.nasl FP [PATCH]

• Previous message: Hubert Seiwert: "[Plugins-writers] www_expect_xss.nasl FP [PATCH]"
• In reply to: Hubert Seiwert: "[Plugins-writers] www_expect_xss.nasl FP [PATCH]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Wed, Sep 13, 2006 at 03:23:42PM +0100, Hubert Seiwert wrote:

> the exploit string used in this plugin cannot detect whether the remote Apache is
> vulnerable to the CVE-2006-3918 Expect header XSS issue.
...
> To do a proper test, the exploit string needs to contain something that will be quoted,
> e.g. angle brackets.

Thanks for the report. I've applied your patch; the revised plugin 
should become available in an hour or two.

George
-- 
theall@private
_______________________________________________
Plugins-writers mailing list
Plugins-writers@private
http://mail.nessus.org/mailman/listinfo/plugins-writers

• Previous message: Hubert Seiwert: "[Plugins-writers] www_expect_xss.nasl FP [PATCH]"
• In reply to: Hubert Seiwert: "[Plugins-writers] www_expect_xss.nasl FP [PATCH]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Wed Sep 13 2006 - 07:58:35 PDT