[VIM] Conftool, not Canftool; appears to be distributable
Steven M. Christey
coley at mitre.org
Tue Mar 28 19:49:04 EST 2006
BUGTRAQ:20060327 CanfTool v1.1 Cross Site Scripting Attack
Subject line says "CanfTool" but rest of the post says "ConfTool",
which is correct.
A glance at the vendor web site suggests that it is primarily an
application/hosting provider, but the following license makes it clear
that there are cases in which its code is made available to consumers:
"Don't give the software or parts of it to others without our
If you improve the tool, let us have the altered sources so we can
integrate your improvements into the official version."
More information about the VIM