RE: scary site

From: Singh Anil V Contr AFRL/MLOC (Anil.Singh@wpafb.af.mil)
Date: 03/07/02


From: Singh Anil V Contr AFRL/MLOC <Anil.Singh@wpafb.af.mil>
To: "'security-basics@securityfocus.com'" <security-basics@securityfocus.com>
Date: Thu, 7 Mar 2002 16:08:16 -0500 

Out of curiosity, what is it about IE that makes it especially vulnerable in
this case? Just looking at the html it seems the page uses standard
JavaScript functions...why wouldn't this work for other browsers?

Anil V. Singh

-----Original Message-----
From: ruler [mailto:rulerpen@optonline.net]
Sent: Wednesday, March 06, 2002 2:21 PM
To: security-basics@security-focus.com
Subject: Re: scary site

There are also sites that will let you view all of your directory trees,
which a server could easily see all of your files. Which do you think is
more scary?
----- Original Message -----
From: "leon" <leon@inyc.com>
To: <security-basics@security-focus.com>
Sent: Tuesday, March 05, 2002 12:30 PM
Subject: scary site

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> http://www.liquidwd.freeserve.co.uk/
>
>
> Try it with a windows machine and IE with all patches.
>
> Be afraid be very afraid.
>
> FYI this is for all those people who are think that just having a
> firewall is enough.
>
> Guess what?
>
> This works through packet filter, stateful inspection and proxy
> servers.
>
> Cheers,
>
> Leon
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>
>
> iQA/AwUBPIUArNqAgf0xoaEuEQLn0wCgjtpLPuRxLbCscHrq32IjePeezf8AoI6t
> T73+xCv/VhrCGDVDIVrFBqZl
> =9gR6
> -----END PGP SIGNATURE-----
>