Re: [Full-disclosure] Re: Google is vulnerable from XSS attack



Excuse me, I clicked send too soon....

As I was saying.... You found a bug, and thats great, well done,
congratulations.

However, at the end of the day that is all it is. A bug, write it off
and end the thread, you have not found the holy grail, you have not
discovered the akashic records on this plane, rather you just found a
silly, yet valid bug in a random web site. Remember that monkeys can
be trained to click a mouse button and paste a 20 letter string in to
a URL.

On 07/12/05, ad@xxxxxxxxxxxxxxxx <ad@xxxxxxxxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> where is your heap overflow ?? (XSS easy targets) ;>
>
> n3td3v wrote:
> > Hackers own Google while vulnerabilities remain unpatched. Once they
> > patch a vulnerability, they can own me again! Until then... Google is
> > in the hands of hackers.
> >
> > Since you're having a stab at me. Wheres your Google and Yahoo
> > vulnerabilities? Naw, you don't have any. You prefer to go looking for
> > your SQL injections and cross site scripting in web sites no one has
> > ever heard of or cared about before (easy targets).
> >
> > As the score goes, how many high profile brand names have you found
> > vulnerabilities for?
> >
> > Fancy having a hacking challenge for finding vulnerabilities in major dot-com's?
> >
> > Lets do it!
> >
> > On 12/7/05, Morning Wood <se_cur_ity@xxxxxxxxxxx> wrote:
> >
> >>who owns you? hint: Google ( they own the world )
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
> >
> >
> >
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2 (MingW32)
>
> iQIVAwUBQ5dYr6+LRXunxpxfAQImGRAAj0gfdT3D3Y5XS5H4iIDujA3l8fCXah0F
> vOxvmPWSFgIvicoNTITrX/MNCqnFXhR5tpbk3m4gUsfb+i4VHoEiNy/GcT3XB2VY
> ZDSqA3lso3kNH9g+LrVMkI9TnLLKJxicbiJRNFusCQcKECDivipuU/hdMiWM/M2j
> h+Uh9bCrl5cWFRcsj8WZDeOZu2jtR4lsh96zdkZAQ+IT9M+auwRAoi9KUvcVuyCO
> 8zoFPmLUsecMU0fc7IeTtODZrhgR9IDQ0kqfRGJpuyR97du7TZrFs+yqzgMn9C2E
> AU+5b3B51Mi62yGpAvXf89nboMoNOoHNdsd2XhuY36VtRoNeuv0PGDIpB5uxlq+v
> OezZ9JcBeWYzxXvwlLB4rSlcsN77uR9DoPvx/bCHQLXd2O/1w01/D5PZw3VUHvxJ
> p7v1FRPBGshqG53RkATbZFKwCyZebYTWbY4E/8hOne1m+wH9hZEk6TVfKwtOmFwE
> /z5vO2jgULeTTKMOrDWQyaiRRC2Kz5iN7BLTBLOVU2nWTPkY2l06dQoo9xXQ/fnS
> MmIyzIYbA+Yc17rddxuRM3TCJ7OBbETQkuOBIFNlTRg2UwnzXskAhxD2H9Qyc9hu
> CPWTQ6IEbB6jMTP18WChzYr5yk475bYLxghdIktvMteCgAB1Q0FxL/bhuVRf8Ipv
> v4guvZNJVhs=
> =wspa
> -----END PGP SIGNATURE-----
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>


--

regards
c0ntex
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



Relevant Pages

  • Re: netwprk printing on XP
    ... reports via Google? ... Update available at manufacturers's web site? ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: RFID chip barcodes can carry a virus
    ... hardware and firmware for that matter) can be described as a "bug". ... We are not talking about vulnerabilities here. ...
    (misc.survivalism)
  • [NT] Cumulative Security Update for Internet Explorer (MS03-048)
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Get your security news from a reliable source. ... five newly-discovered vulnerabilities: ... The attacker could also create an HTML e-mail ...
    (Securiteam)
  • Gadu-Gadu several vulnerabilities
    ... Several vulnerabilities were discovered ranging from heap and stack ... of Gadu-Gadu application. ... There is a buffer overflow in the code portion handling sending of images. ... This bug works with the newest build of the ...
    (Bugtraq)
  • Gadu-Gadu several vulnerabilities
    ... Several vulnerabilities were discovered ranging from heap and stack ... of Gadu-Gadu application. ... There is a buffer overflow in the code portion handling sending of images. ... This bug works with the newest build of the ...
    (Full-Disclosure)