On Tue, 3 Apr 2012, b.saleh@xxxxxxx wrote:
# Exploit Title: Arbor Networks Peakflow SP XSS # Date: 03 April 2012
Arbor Networks has reviewed this report. This issue was addressed and fixed in Peakflow SP releases 5.1.1 patch 6 (released on November 30, 2011) and later, 5.5 patch 4 (released on December 27, 2011) and later, and 5.6.0 patch 1 (released on September 14, 2011). This is not a current issue, therefore.
Customers who remain concerned should restrict web console access to trusted network locations via network access rules.
For future security issue reports, please use the address security@xxxxxxxxx to establish communications. Arbor Networks take these reports very seriously and seeks to work with security researchers when possible to remedy any such issue.
------------------------------------------------------------- jose nazario, ph.d. <jose@xxxxxxxxx> manager of security research arbor networks v: (734) 821 1427 http://asert.arbor.net/
