Date: Fri, 24 Aug 2012 12:04:06 +0200 From: Thomas Pollet <thomas.pollet@...il.com> To: oss-security@...ts.openwall.com Subject: Re: zenoss issues Hi, I have found that zenoss displays snmp output like syslocation unfiltered in the web interface. http://jira.zenoss.com/jira/browse/ZEN-3192 I suspect there are many more bugs in this package. Regards, Thomas On 24 August 2012 09:33, Thomas Pollet <thomas.pollet@...il.com> wrote: > Hello, > > I have found xss and command execution problems with zenoss. I created a > bugreport which can be found at > http://jira.zenoss.com/jira/browse/ZEN-3183 . However the zenoss > developers don't seem to be able to reproduce the issues. > > Another issue, reported by Emanuel Bronshtein can be found at > http://jira.zenoss.com/jira/browse/ZEN-3153 > > Regards, > Thomas Pollet >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.