On 2009-02-26 Vladimir '3APA3A' Dubrovin wrote: > --Thursday, February 26, 2009, 7:40:50 PM, you wrote to bugtraq@xxxxxxxxxxxxxxxxx: > DSRG> Application: APC PowerChute Network Shutdown's Web Interface > DSRG> Vendor URL: http://www.apc.com/ > DSRG> Bug: XSS/Response Splitting > > DSRG> Solution: Use Firewall > > Just wonder: how can firewall to protect against XSS/response splitting? You don't give the bad guys access to your UPS's web interface? Regards Ansgar Wiechers -- "The Mac OS X kernel should never panic because, when it does, it seriously inconveniences the user." --http://developer.apple.com/technotes/tn2004/tn2118.html
