[Zope] HTTP Request Denial of Service Vulnerability

Andreas Jung lists at zopyx.com
Fri Jul 24 12:43:26 EDT 2009


Hi,




On 24.07.09 18:24, Ryan_Permeh at McAfee.com wrote:
> I manage product security at McAfee, of which Foundstone is a part.  I am not aware of releasing such an advisory, and am looking into this.  Could we get details regarding where this was found?  Was this posted to a web site?  A security mailing list?  And when was it posted?  This may have a very different meaning if it was published in 2001 or something like that.  Alternately, Foundstone produces a vulnerability management software, was this in a report generated by that product?  
>
>   
I have no idea what you are talking about.

We had this strange mail thread this week:

http://mail.zope.org/pipermail/zope/2009-July/175308.html

related to this hotfix

http://www.zope.org/Products/Zope/Hotfix-2008-08-12

Now how is this related to " HTTP Request Denial of Service
Vulnerability" ???

I can not find anything related to the subject within the list of our
hotfixes (which is pretty small since 2000):

-------------- next part --------------
A non-text attachment was scrubbed...
Name: lists.vcf
Type: text/x-vcard
Size: 316 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope/attachments/20090724/d1607a0b/attachment.vcf 


More information about the Zope mailing list