[VIM] Some bl4ck Advisories are site-specific

Heinbockel, Bill heinbockel at mitre.org
Tue Feb 13 10:29:03 EST 2007

Yesterday, the research bl4ck (Black Zero) posted
several BUGTRAQ issues for XSS vulnerabilities. Some
of these (maybe all) appear to be site-specific issues, including:

BUGTRAQ:20070209 XSS in eWay
BUGTRAQ:20070210 XSS in JBoss Portal
BUGTRAQ:20070209 XSS in lighttpd

I have verified that the lighttpd product is not vulnerable
to XSS, and have not found any evidence supporting XSS
flaws in the others.

Anyone else have any luck?

William Heinbockel
Infosec Engineer
The MITRE Corporation
202 Burlington Rd. MS S145
Bedford, MA 01730
heinbockel at mitre.org

More information about the VIM mailing list