Re: [Full-disclosure] Cross-Site Scripting attacks via redirectors in different browsers
- From: "MustLive" <mustlive@xxxxxxxxxxxxxxxxxx>
- Date: Wed, 23 Sep 2009 00:49:26 +0300
I'm glad that you liked my article (and advisories) about Cross-Site
Scripting attacks via redirectors.
You can read my next article on English - Redirectors: the phantom menace
And do not forget, this is feature, not bug :P
First, vulnerability it's not the same as bug, these are different things.
And so in security field words such as vulnerabilities, vulns and holes must
be used, but not "bugs" (to not decrease their level of criticality to
ordinary software errors which are bugs).
Second, you are right, it's feature (and it was well-known aphorism).
Especially it's feature in hacker's hands ;-).
Best wishes & regards,
Administrator of Websecurity web site
----- Original Message -----
From: "Tхnu Samuel" <tonu@xxxxxx>
To: "MustLive" mustlive@xxxxxxxxxxxxxxxxxx
Sent: Saturday, September 19, 2009 8:17 PM
Subject: Re: [Full-disclosure] Cross-Site Scripting attacks via redirectors
in different browsers
I wrote about five method of attacks in the article (via location-header
refresh-header redirectors) - about four of them I already posted in
Bugtraq. In this letter I'll inform you about new vulnerable browsers to
those vulnerabilities which I wrote to Bugtraq before.
Thanks, useful info for me at least. And do not forget, this is feature,
not bug :P
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
- Prev by Date: Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?
- Next by Date: Re: [Full-disclosure] Dumb question: Is Windows box behind a router safe ?
- Previous by thread: Re: [Full-disclosure] Cross-Site Scripting attacks via redirectors in different browsers
- Next by thread: [Full-disclosure] List Charter