Re: [Full-Disclosure] Question about the new Xupiter toolbar

From: xss-is-lame@hushmail.com
Date: 01/30/03

Next message: Paul Schmehl: "RE: [Full-Disclosure] The worm author finally revealed!"

Previous message: Pipes Cuchifrito: "RE: [Full-Disclosure] The worm author finally revealed!"
Maybe in reply to: Richard M. Smith: "[Full-Disclosure] Question about the new Xupiter toolbar"
Next in thread: Brian McWilliams: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.netsys.com
From: xss-is-lame@hushmail.com
Date: Thu, 30 Jan 2003 11:45:42 -0800

-----BEGIN PGP SIGNED MESSAGE-----

Maybe it uses cross-site tracing. I hear that it's really dangerous.

XiL
xss-is-lame@hushmail.com

> Has anyone looked into this new Xupiter toolbar to see how it is being
> installed on people's computer? In particular is it using some IE
> security hole for the install or does it just use the standard ActiveX
> drive-by download mechanism?
-----BEGIN PGP SIGNATURE-----
Version: Hush 2.2 (Java)
Note: This signature can be verified at https://www.hushtools.com/verify

wmAEARECACAFAj44P5kZHHhzcy1pcy1sYW1lQGh1c2htYWlsLmNvbQAKCRDs/5lboNFb
hr8BAJ99LC++ZhuQT7S/Y/+yVXFv+U2PqQCgglbkXYlfI4SWrDviVb+HOwK7ayk=
=fz+o
-----END PGP SIGNATURE-----

Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Big $$$ to be made with the HushMail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427-->_______________________________________________
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Paul Schmehl: "RE: [Full-Disclosure] The worm author finally revealed!"
Previous message: Pipes Cuchifrito: "RE: [Full-Disclosure] The worm author finally revealed!"
Maybe in reply to: Richard M. Smith: "[Full-Disclosure] Question about the new Xupiter toolbar"
Next in thread: Brian McWilliams: "Re: [Full-Disclosure] Question about the new Xupiter toolbar"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [Full-Disclosure] Bill Gates blames the victim
... How is the typical home PC user who runs ... > to fix this latest critical security hole in Microsoft Word: ... machines to a state where they could install the patch. ...
(Full-Disclosure)
Re: Newbie Q: freeBSD vs openBSD
... > it seems the OpenBSD group doesn't actually like questions. ... Under FreeBSD, the community is more ... "Only one remote hole in the default install, ... so it's strange it has even one security hole. ...
(freebsd-questions)
Re: cvsup and portupgrade
... I do not so much want to install php with a security hole as much as I want to patch the hole. ... Portaudit produces alarmist messages for any and every security bug, and the "advice" it gives to immediately de-install ports is frequently over-the-top and often unachievable. ... Or just look regularly for your port in http://www.freebsd.org/ports/index.html and see when the version number changes. ...
(freebsd-questions)
Re: cvsup and portupgrade
... However if you're really sure you need and want this kind of port ... However - you should be aware that you'd install a program with a ... a security hole as much as I want to patch the hole. ...
(freebsd-questions)
Re: Weird IE6 behaviors
... >Both the system and NAV have been updated with latest patches and updates. ... >a security hole which hasn't been patched. ... - DISable "install on demand" ...
(microsoft.public.windowsxp.general)