Comments for SecPod Research Blog http://secpod.org/blog Security Simplified Wed, 07 Mar 2012 17:42:39 +0000 hourly 1 http://wordpress.org/?v=3.3.1 Comment on Apache Struts Multiple Persistence Cross-Site Scripting Vulnerabilities by recepti za brze torte http://secpod.org/blog/?p=450&cpage=1#comment-12473 recepti za brze torte Wed, 07 Mar 2012 17:42:39 +0000 http://secpod.org/blog/?p=450#comment-12473 Good post over again . I am looking forward for your next post ;) Good post over again . I am looking forward for your next post ;)

]]> Comment on Ipswitch TFTP Server Directory Traversal Vulnerability by Veerendra GG http://secpod.org/blog/?p=424&cpage=1#comment-9192 Veerendra GG Mon, 05 Dec 2011 05:33:38 +0000 http://secpod.org/blog/?p=424#comment-9192 TFTP should all WRITE request. It's about configuration/permission, which stops you from using WRITE request. TFTP should all WRITE request. It’s about configuration/permission, which stops you from using WRITE request.

]]> Comment on Metasploit Module – BisonFTP Server Remote Buffer Overflow Vulnerability by Mitch Inverso http://secpod.org/blog/?p=384&cpage=1#comment-9163 Mitch Inverso Sun, 04 Dec 2011 01:31:27 +0000 http://secpod.org/blog/?p=384#comment-9163 Thank you very much for posting this good content! I am looking forward to checking out more! Thank you very much for posting this good content! I am looking forward to checking out more!

]]> Comment on Ipswitch TFTP Server Directory Traversal Vulnerability by Jay http://secpod.org/blog/?p=424&cpage=1#comment-9157 Jay Sat, 03 Dec 2011 22:13:26 +0000 http://secpod.org/blog/?p=424#comment-9157 Does the TFTP service allow WRITE request at all? It throws you a "Forbidden due to security rules" when you try, but I wonder that "rule" can be changed. Does the TFTP service allow WRITE request at all? It throws you a “Forbidden due to security rules” when you try, but I wonder that “rule” can be changed.

]]> Comment on Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities by Veerendra GG http://secpod.org/blog/?p=350&cpage=1#comment-7353 Veerendra GG Tue, 13 Sep 2011 10:01:32 +0000 http://secpod.org/blog/?p=350#comment-7353 Hi, We have informed about these vulnerabilities 1 month back to vendor but we did't get any response. Hence we published the advisories. We will check all these vulnerabilities are fixed in the latest version. If they are fixed we will update the advisories with the solution. Thank you for informing :-) Hi,

We have informed about these vulnerabilities 1 month back to vendor but we did’t get any response. Hence we published the advisories.

We will check all these vulnerabilities are fixed in the latest version. If they are fixed we will update the advisories with the solution.

Thank you for informing :-)

]]> Comment on Xataface WebAuction and Xataface Librarian DB Multiple Vulnerabilities by Steve Hannah http://secpod.org/blog/?p=350&cpage=1#comment-7318 Steve Hannah Mon, 12 Sep 2011 17:38:09 +0000 http://secpod.org/blog/?p=350#comment-7318 These vulnerabilities are well known and fixes have been posted in the Xataface forum months ago. Current versions of Xataface, WebAuction, and Librarian DB are not affected by these vulnerabilities. These vulnerabilities are well known and fixes have been posted in the Xataface forum months ago. Current versions of Xataface, WebAuction, and Librarian DB are not affected by these vulnerabilities.

]]> Comment on CiscoKits CCNA TFTP Server Denial Of Service Vulnerability by Babita Rawat http://secpod.org/blog/?p=271&cpage=1#comment-6874 Babita Rawat Sat, 20 Aug 2011 07:52:30 +0000 http://secpod.org/blog/?p=271#comment-6874 I read this article which is really a great effort by the writer. Thank You!!! Best regards, Babita Rawat Netexperts India Educational Services 702, Somdatt Chambers–II 9, Bhikaiji Cama Place, Near Hyatt Regency Hotel New Delhi – 110066 +91 9971400335 +91 9971400336 +91 11 41659015, 26182282, 6176067 Website : www.netexpertsindia.com Email : info@netexpertsindia.com I read this article which is really a great effort by the writer.
Thank You!!!

Best regards,

Babita Rawat

Netexperts India Educational Services

702, Somdatt Chambers–II 9, Bhikaiji Cama Place,
Near Hyatt Regency Hotel
New Delhi – 110066
+91 9971400335
+91 9971400336
+91 11 41659015, 26182282, 6176067
Website : http://www.netexpertsindia.com
Email : info@netexpertsindia.com

]]> Comment on MS08-067 (Conficker worm) detection – OpenVAS plugin by Renter Credit Check http://secpod.org/blog/?p=51&cpage=1#comment-5872 Renter Credit Check Mon, 16 May 2011 22:37:18 +0000 http://secpod.org/blog/?p=51#comment-5872 Brilliant! Regards. Brilliant! Regards.

]]> Comment on CUPS IPP Use-After-Free Denial of Service Vulnerability Proof of Concept [CVE-2010-2941] by fsck-labs http://secpod.org/blog/?p=157&cpage=1#comment-5102 fsck-labs Thu, 17 Mar 2011 15:52:07 +0000 http://secpod.org/blog/?p=157#comment-5102 Thanks! I've just successfully reproduced the crash on Ubuntu 10.10 with the aforementioned cups version. Thanks! I’ve just successfully reproduced the crash on Ubuntu 10.10 with the aforementioned cups version.

]]> Comment on CUPS IPP Use-After-Free Denial of Service Vulnerability Proof of Concept [CVE-2010-2941] by Veerendra GG http://secpod.org/blog/?p=157&cpage=1#comment-5082 Veerendra GG Wed, 16 Mar 2011 14:43:34 +0000 http://secpod.org/blog/?p=157#comment-5082 Exploit is also working successfully on Ubuntu 10.10 with cups version 1.4.4-6ubuntu2 Ubuntu security advisory for more info, http://www.ubuntu.com/usn/usn-1012-1 Exploit is also working successfully on Ubuntu 10.10 with cups version 1.4.4-6ubuntu2

Ubuntu security advisory for more info, http://www.ubuntu.com/usn/usn-1012-1

]]>