[W3af-svn-notify] [Task #146849] osCommanding false positive
Status: Beta
Brought to you by:
andresriancho
Menu
▾
▴
[W3af-svn-notify] [Task #146849] osCommanding false positive
|
From: SourceForge.net <no...@so...> - 2008-03-06 00:42:37
|
Task #146849 has been updated. Project: w3af Subproject: Plugin TODO v1.00 Summary: osCommanding false positive Complete: 0% Status: Closed Authority : andresriancho Assigned to: andresriancho Description: OS Commanding was found at: http://www.farmacity.com.ar/ar/locales-head.swf . Using method: GET. The data sent was: sucursales=run+ping+-n+5+localhost. The vulnerability was found in the request with id 10631. Follow-Ups: ------------------------------------------------------- Date: 2008-03-05 21:42 By: andresriancho Comment: No, accepting false positive. ------------------------------------------------------- Date: 2008-03-05 21:41 By: andresriancho Comment: Solved in revision 801 when implemented a "benchmarking" functionality for unfuzzed requests. ------------------------------------------------------- For more info, visit: http://sourceforge.net/pm/task.php?func=detailtask&project_task_id=146849&group_id=170274&group_project_id=50603 |
