RE: [Full-disclosure] New (19.10.05) MS-IE Url Spoofing bug (by K-Gen).
From: Billy Rios (billy.rios_at_gmail.com)
Date: 10/21/05
- Previous message: K-Gen Gen: "[Full-disclosure] phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit."
- Maybe in reply to: K-Gen Gen: "[Full-disclosure] New (19.10.05) MS-IE Url Spoofing bug (by K-Gen)."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 21 Oct 2005 13:52:26 -0600 To: full-disclosure@lists.grok.org.uk
Interesting.... I'm curious as to what kind of validation is used on the
"onClick=" parameter when it's used in an HREF tag.
On a side note, I recently came across something similar to the
nicesite@evilsite.com phishing trick. The url below demonstrates the
vulnerability:
http://any-site-here.com+www.seclists.org
As you can see... the URL above will direct the user to
seclists.org<http://seclists.org>.
I'm guessing this has more to do with the way DNS handles the request as
opposed to browser vulnerabilities. It could be used for phishing attacks
though.....
BK
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Previous message: K-Gen Gen: "[Full-disclosure] phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit."
- Maybe in reply to: K-Gen Gen: "[Full-disclosure] New (19.10.05) MS-IE Url Spoofing bug (by K-Gen)."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
