[Full-disclosure] Netgear SSL312 XSS vulnerability
Lolek of TK53
lolek1337 at googlemail.com
Thu Oct 18 18:06:25 BST 2007
Yoyo,
On 10/17/07, rembrandt at jpberlin.de <rembrandt at jpberlin.de> wrote:
> Dear SkyOut, dear Packetstorm team (tedd :)) and dear List.
>
> The author brocke a NDA during the releasing of this "uber"-Advisory.
>
> Skyout: What the fuck is wrong with u? Even ignoring our mails... wow?
> We provided the Router, told him to take a look and he angreed to a NDA.
>
> Do I care if you release a XSS? Hell no...
> But I care if you accapted a NDA because of other internal things.
>
> Did you found it by yourself? Well not realy... (We provided a router,
> told you to take a look for XSS....) Is it uber-critical?
Lol whoever you are, you are going to do an NDA for an XSS in a router
firmware web interface?
I fail to see a real security issue ;D
Cheers
Lolek
Full-Disclosure is hosted and sponsored by Secunia.