[VIM] Vendor dispute of Land Down Under issues

security curmudgeon jericho at attrition.org
Mon Aug 29 16:59:48 EDT 2005

: The front page of the Land Down Under site includes a news item
: "Regarding LDU at SecurityFocus.com" that disputes the original claims
: of SQL injection/XSS issues in LDU:
:   Regarding LDU at SecurityFocus.com
:   21-08-2005 05:25
:   Since yesterday there's 2 new items about LDU at
:   http://www.securityfocus.com, about "security exploits" that may
:   affect LDU build 800. None of the tricks written there are working,
:   the variables are properly sanitized and no LDU version is
:   affected. This morning I notified the moderators of the site.
:   The 2 articles are here :
:   http://securityfocus.com/bid/14618/exploit
:   http://securityfocus.com/bid/14619/exploit
:   I'll post here as soon as possible if there's updates regarding this
:   topic.
:   *UPDATE*
:   A little "Hello!" to all the people trying the non-working URLs here
:   at Neocrome.net, you will be forever famous in the log :]

Interesting. Original disclosure AND two subsequent posts with 
vulnerabilities. Makes me wonder if LDU is playing the 'deny everything' 

Sat Aug 20 2005

Sun Aug 28 2005

Mon Aug 29 2005

More information about the VIM mailing list