howdark.com "exploits"

Read me first before posting anywhere!
Subscribe to the feed, available in Image Atom or Image RSS format.
Scam Warning

howdark.com "exploits"

Postby psoTFX » Mon Nov 15, 2004 4:27 pm

We've have had and continue to receive reports based on a bugtraq email submitted by the "howdark.com" group. Please do not report these issues to us, not by PM, email nor via our security tracker.

The two "sql injection" issues are not sql injection issues, nothing can be done with them at all due to type casting (strings are forced to an integer type). The group admit this themselves but persist in claiming they are sql injection issues. The "solution" they give contains semantically incorrect SQL (you do not enclose values for integer field types in quotes).
User avatar
psoTFX
Former Team Member
 
Posts: 7425
Joined: Tue Jul 03, 2001 8:50 pm

Return to Announcements

Who is online

Users browsing this forum: No registered users and 13 guests