[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] radware AppWall Web Application Firewall: Source code disclosure on management interface

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] radware AppWall Web Application Firewall: Source code disclosure on management interface
From: "Shaked Vax" <ShakedV@xxxxxxxxxxx>
Date: Thu, 2 Jul 2009 14:23:16 +0300

Radware team has completed analysis of the reported issue, concluding
that no AppWall customer using the product  according to Radware
deployment recommendations would be exposed to vulnerability as a result
of this issue. This is due to the facts that this issue exists only on
the management interface that is recommended to be connection to
internal LAN only, and that it does not allow performing any actions
that would influence machine functionality.
 Nevertheless, in order to enforce our commitment to deliver top
security solution to our customers, Radware will supply a fix for this
issue within its upcoming AppWall release.

Shaked Vax
AppWall Product Manager 
ShakedV@xxxxxxxxxxx 
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] radware AppWall Web Application Firewall: Source code disclosure on management interface
  - From: Vladimir '3APA3A' Dubrovin

Prev by Date: [Full-disclosure] [ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers
Next by Date: [Full-disclosure] [USN-794-1] Perl vulnerability
Previous by thread: [Full-disclosure] [ISecAuditors Security Advisories] Joomla! < 1.5.12 Multiple XSS vulnerabilities in HTTP Headers
Next by thread: Re: [Full-disclosure] radware AppWall Web Application Firewall: Source code disclosure on management interface
Index(es):
- Date
- Thread