Security Information Vulnerability Research Security Blog

Fixes for MoPB – how about M.O.M.B.Y.?

May 7th, 2007 by , Filed under: Commentary, Corporate Security, Culture, Full Disclosure, Web

We have new fixes for seven vulnerabilities disclosed with Month of PHP Bugs (MOPB-03-2007 , 14, 20, 21, 26, 33 and 34) now, but what is the state of reported MySpace bugs?

I think that security community is interested of the state of these more recent April bugs too.

Information here:

We disclsed 19 bugs this month, about 14 of which were fixed within a day or two of publication, which demonstrates two interesting facts: the Myspace web design and security groups can fix bugs if they care to, and b) the Myspace web design and security groups tend to fix bugs if they’re presented in an easy to read and high profile “Month of” format.

Source: momby.livejournal.com/7285.html

Share
  • http://xenomuta.blogspot.com XenoMuta

    Same stuff, different Month…

  • http://xenomuta.blogspot.com XenoMuta

    This’ so true…

    No mather how good researchers and bug-hunters are, security’ll still be down if ppl on charge are lazy.

  • http://www.whiteacid.org/ Sid

    I’m tempted to ask though, how good are their fixes? I remember when, on sla.ckers.org, we went through several versions of the same flaw until they finally fixed it properly.
    http://ha.ckers.org/blog/20070112/myspace-0day-again6/

  • Share







  • Categories


Security RSS Subscribe