Re: Fw: phpBB privmsg.php XSS vulnerability patch.

To: Micheal Cottingham <micheal@xxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Fw: phpBB privmsg.php XSS vulnerability patch.
From: Truthless <nospam@xxxxxxxxxxx>
Date: Wed, 04 Feb 2004 01:23:43 +0000
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <40185E71.8060009@xxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <002401c3e5d9$6ba5fc90$020a0180@JPCottingham> <40185E71.8060009@xxxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007

This is a previously published Vulnerability and not something that isyet to be reported.

Shaun was referring to the patch itself.

Truthless.

--

Micheal Cottingham wrote:

If you think you have found a security hole with phpBB, contact thesecurity email address ... I assure you they won't bite your head offfor notifying them, even if it turns out to be a false alarm.


International Veneer Co., Inc. wrote:

----- Original Message ----- From: "Shaun Colley" <shaunige@xxxxxxxxxxx>
To: <bugtraq@xxxxxxxxxxxxxxxxx>
Sent: Wednesday, January 28, 2004 10:39 AM
Subject: phpBB privmsg.php XSS vulnerability patch.


For those who have not yet installed the phpBB
packages fixing the XSS vulnerability in privmsg.php
documented at <http://www.securityfocus.com/bid/9290>
<snip>


Thank you for your time.
Shaun.

References:
- Re: Fw: phpBB privmsg.php XSS vulnerability patch.
  - From: Micheal Cottingham

Prev by Date: Re: getting rid of outbreaks and spam (junk) [WAS: Re: RFC: virus handling]
Next by Date: Re: RFC: virus handling
Previous by thread: Re: Fw: phpBB privmsg.php XSS vulnerability patch.
Next by thread: SRT2004-01-17-0227 - BlackICE allows local users to become SYSTEM
Index(es):
- Date
- Thread