Information Security Think Tank
First of all I need to let you know that it is not within our practice to disclose vulnerabilities on specific online applications. However, given the fact that Pownce, the vendor, was responsibly informed and the fact that we believe that the issue is interesting enough to be discussed, we’ve decided to let you know about our findings. [...]
In the previous post I’ve talked about how someone can poison local name servers (nasty things like registering a wpad name) through DHCP. In this post, I would like to draw your attention on various other injection issues that come into mind when we are dealing with that very same protocol. The reason for all these issues is because people tend to trust certain known protocols far too much than they should. [...]