Re: [Full-disclosure] nVidia.com [Url Redirection flaw]

From: Pete Licoln <pete.licoln@xxxxxxxxx>
Date: Wed, 25 Mar 2009 17:17:21 -0400

There's a difference between an xss and an url redirection ..
this post was about an url js based redirection, now it's a Xss, to me
that's a lot of talk ( and i do contribute ) for an no persistant xss , now
if you wanna have your 2 sec of glory post it on xssed.com ..
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: Nick FitzGerald

References:
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: mac . user
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: Rubén Camarero
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: yersinia
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: Rubén Camarero
- Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
  - From: Chris Evans

Prev by Date: [Full-disclosure] [SECURITY] [DSA 1755-1] New systemtap packages fix local privilege escalation
Next by Date: [Full-disclosure] Fwd: nVidia.com [Url Redirection flaw]
Previous by thread: Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
Next by thread: Re: [Full-disclosure] nVidia.com [Url Redirection flaw]
Index(es):
- Date
- Thread

Relevant Pages

Re: [Full-disclosure] Gmail 0day
... Your Gmail session is hijacked (i.e.: via the XSS PoC posted on FD) ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
[Full-disclosure] nVidia.com [Url Redirection flaw]
... Yes i've notice that is also vulnerable to Xss.. ... Xssed.com and i saw that a Xss flaw(not url redirection) was already ... Nevertheless i think that nvidia was not aware of any ... vulnerabilities until the day in which I alerted the admin to the url ...
(Full-Disclosure)
=?KOI8-R?Q?Re:_[Full-disclosure]_XSS_at_msn.com_=C9_cisco.com?=
... It looks like I have:) See my next message "XSS at nsa.gov" or just visit ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)
Re: [Full-disclosure] Gmail 0day
... Blackhat SEO XSS ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ... Full-Disclosure - We believe in xss. ...
(Full-Disclosure)
Re: [Full-disclosure] Month of ActiveX Bug
... [Full-disclosure] Month of ActiveX Bug ... Even XSS bugs in open source perl webmail apps. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
(Full-Disclosure)