>
> * Certified SNORT Integrator
> * 2008-9 Hot Company Award Winner, World Executive Alliance
> * Five-Star Partner Program 2009, VARBusiness
> * Best Anti-Spam Product 2008, Network Products Guide
> * King of Spam Filters, SC Magazine 2008
>
>
>______________________________________________________________________
>This email has been scanned and certified safe by SpammerTrap(r).
>For Information please see http://www.secnap.com/products/spammertrap/
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
_________________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
_________________________________________________________________________
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best in Email Security,2010: Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
* Certified SNORT Integrator
* 2008-9 Hot Company Award Winner, World Executive Alliance
* Five-Star Partner Program 2009, VARBusiness
* Best Anti-Spam Product 2008, Network Products Guide
* King of Spam Filters, SC Magazine 2008
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
VI. DISCLOSURE TIMELINE
~~~~~~~~~~~~~~~~~~~~~~~
18/07/2007 - Vulnerability details sent to the maintainer
23/07/2007 - Vulnerability details resent
26/07/2007 - Initial vendor response (delay due to spam filters)
05/08/2007 - Quick-fix implemented dropping multipart requests in
Stinger 2.5
VII. ACKNOWLEDGEMENTS
http://xenion.antifork.org/cookietools/lista/index.html
If you know other vulnerable services, mail me and i'll add them to
the VULN list.
If you know some not vulnerable services, mail me and i'll add them to
the SECURE list.
Use "COOKIETOOLS LISTA" as subject to skip my spam filters.
why HTTPS is not the default in this type of services? this is a big
silent hole. maybe, today is less silent :)
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.
filter and post spam comments that get filtered and then a week later or
so gets deleted off and the CPU use on the site sucks. But that could
also be the software I'm running.
Maybe I'm jaded but I'm my understanding of the risk is right, if all
they can do is bypass my spam filters and run up my CPU cycles I'm not
sure I'd call this a vulnerability. Bug yes. I guess I define
vulnerability more strictly in terms of actual damage, remote access,
harsh impact to the users of the site, loss of sensitive account
information, etc, more damage than just forcing me to buy beefier
hardware and wonder why I occasionally get a spam posted, but maybe I'm
