[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Arbor Networks Peakflow SP web interface XSS



On Tue, 3 Apr 2012, b.saleh@xxxxxxx wrote:

#  Exploit Title: Arbor Networks Peakflow SP XSS
#  Date: 03 April 2012

Arbor Networks has reviewed this report. This issue was addressed and fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30, 2011) and later, 5.5 patch 4 (released on December 27, 2011) and later, and 5.6.0 patch 1 (released on September 14, 2011). This is not a current issue, therefore.

Customers who remain concerned should restrict web console access to trusted network locations via network access rules.

For future security issue reports, please use the address security@xxxxxxxxx to establish communications. Arbor Networks take these reports very seriously and seeks to work with security researchers when possible to remedy any such issue.


-------------------------------------------------------------
jose nazario, ph.d.     	<jose@xxxxxxxxx>
manager of security research 	arbor networks
v: (734) 821 1427 	      	http://asert.arbor.net/