Control scan is asking for the following info to mark it as a false positive:
Is there any type of url/content filtering?
What pattern matching is done to prevent this vulnerability.
Search:
Type: Posts; User: tbaquatics
Search: Search took 0.01 seconds.
-
30 Jun 2010, 05:29 PM
Thread: [Done v1.3.9e] format string attack.
by tbaquatics- Replies
- 7
- Views
- 3,046
Re: format string attack.
-
14 Jun 2010, 05:17 PM
Thread: [Done v1.3.9e] format string attack.
by tbaquatics- Replies
- 7
- Views
- 3,046
Re: format string attack.
What about in 1.3.8? Any patch?
-
14 Jun 2010, 03:47 PM
Thread: [Done v1.3.9e] format string attack.
by tbaquatics- Replies
- 7
- Views
- 3,046
Re: format string attack.
1.3.8 with all security patches. I rather not post a url if it really is an issue. If one of the devs wants the url I can pm it.
-
14 Jun 2010, 01:53 PM
Thread: [Done v1.3.9e] format string attack.
by tbaquatics- Replies
- 7
- Views
- 3,046
[Done v1.3.9e] format string attack.
Any ideas? Is this a false positive on a pci scan:
The remote web server hosts CGI scripts that fail to adequately sanitize request strings. They seem to be vulnerable to a 'format string'...
Results 1 to 4 of 4
