I'm not so sure, the written English is poor and can be misinterpreted. The sec focus link is crafted peculiarly but it's not a hustle in and of itself, it's sharing the problem description after all.
I think given the misconfiguration *has* gone unnoticed and potentially could be of trouble 'in the future' a thank you, acknowledgement and small compensation would actually be the decent thing to do. Just my 2c as an active participant in the security community. On 05/06/2020 10:24, Jukka Pakkanen wrote: > Complete scam, ignore. > > Just check the “securityfocus” link, it’s fake too. > > Jukka > > > > *Lähettäjä:* bind-users <bind-users-boun...@lists.isc.org> *Puolesta > *Ejaz Ahmed > *Lähetetty:* 5. kesäkuuta 2020 10:55 > *Vastaanottaja:* bind-users@lists.isc.org > *Aihe:* Fwd: DNS Misconfiguration on- http://cyberia.net.sa/ > > > > > > > > Some one is is claiming that our name server 212.118.64.2 is vulnerable > with below information is this true > > > > Any suggestions would be appreciated > > > > Thanks a n advance > > > > Ejaz > > > > > > > > Dear CYBERIA GROUP Security Team , > > > > I Rahul a Ethical Hacker and Security Researcher. I found a > vulnerability on your website that is DNS Misconfiguration . > > > > Your *localhost.cyberia.net.sa <http://localhost.cyberia.net.sa> *has > address 127.0.0.1 and this may lead to "Same- Site" Scripting. I can > also ping the localhost network. > > > > > > Here is detailed description of this minor security issue > :*http://www.securityfocus.com/archive/1/486606/30/0/threaded > <https://hackerone.com/redirect?signature=f22656dd5afea782410979cdd3fbb951f819c82e&url=http%3A%2F%2Fwww.securityfocus.com%2Farchive%2F1%2F486606%2F30%2F0%2Fthreaded>* > > > > *Find attached POC Video. * > > > > *Dear Team Waiting for your response and **I want bounty(money) with an > Appreciation letter for my work and effort which I have given for * > > > > > > *Thanks in advance * > > *Ejaz * > > > > > > > > > > > _______________________________________________ > Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe > from this list > > ISC funds the development of this software with paid support subscriptions. > Contact us at https://www.isc.org/contact/ for more information. > > > bind-users mailing list > bind-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/bind-users > _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
