The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

cross site scripting bug in dnslook.html

Discussion in 'Bind / DNS / Nameserver Issues' started by jwiens, Nov 22, 2006.

  1. jwiens

    jwiens Member

    Joined:
    Mar 8, 2004
    Messages:
    16
    Likes Received:
    0
    Trophy Points:
    1
    Just an fyi so folks know they should update. Not a super huge vulnerability but still potentially a problem (for a long and detailed summary of what XSS is and why it matters, see my old post on the subject).

    http://www.securityfocus.com/bid/21142

    Security focus says no solution is out, however Secunia claims that you can update to version 10.9.0 R75 to be secure. I imagine they've got it right and since it looks like a fix is available I figure folks should be aware so they can patch.
     
  2. pjman

    pjman Well-Known Member

    Joined:
    Mar 22, 2003
    Messages:
    101
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    New York
    Secunia is always on top of it.

    I don't even bother looking at anything Security focus puts out. Secunia is a much better source.
     
  3. deanstev

    deanstev Well-Known Member

    Joined:
    Jun 10, 2004
    Messages:
    110
    Likes Received:
    0
    Trophy Points:
    0
Loading...

Share This Page