[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] userList.php possible exploit

Subject: Re: [cobalt-users] userList.php possible exploit
From: Anders <andersb@xxxxxxxxxxx>
Date: Mon May 5 08:33:00 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

H.P. Noordam wrote:

>> PS. Note that it is "only" viewing, modifying gives errors.
> 
> hmm i guess the inability to actualy SAVE the screens you can get, takes the
> real bite out. Still, it is quite stupid that any user can see just about
> everything from other hosted sites.

Indeed, but I guess the Qube 3 from which the RaQ 550 GUI came
never had those problems... (since it doesn't do virtual hosts)
 
> a quick searh on the forums & KB didnt get me a thread about prior solutions
> so i guess the issue is too old, do you know if there was an "official" way
> to patch the code, or is it left to the users ?

There is no offical way, and no offical response. Left to the customers.

--anders

References:
- RE: [cobalt-users] userList.php possible exploit
  - From: H.P. Noordam

Prev by Date: Re: [cobalt-users] How to stop SPAM senders?
Next by Date: [cobalt-users] K6-III on Qube 3
Previous by thread: RE: [cobalt-users] userList.php possible exploit
Next by thread: RE: [cobalt-users] userList.php possible exploit

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index