Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)

From: Olivier Faurax (Olivier.Faurax@esil.univ-mrs.fr)
Date: 02/07/02

Previous message: Patrick Kuiper: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
In reply to: Mark Renouf: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
Next in thread: Chip McClure: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 07 Feb 2002 19:01:16 +0100
From: Olivier Faurax <Olivier.Faurax@esil.univ-mrs.fr>
To: Mark Renouf <mark@tweakt.net>

Mark Renouf wrote:
>
> obscure wrote:
>
> >
> >Exploit Example.
> >
> >available at http://eyeonsecurity.net/advisories/showMyCookie.html
> >
> FYI: Mozilla 0.9.8+ gives an alert:
> "Access to the port number given has been disabled for security reasons."

idem with Netscape 4.77

--
"Computers are like air conditionners, they stop working properly when
you open windows."
Olivier Faurax, Elève ESIL Dpt Informatique (Promo 2004)
email : Olivier.Faurax@esil.univ-mrs.fr
web   : http://www.esil.univ-mrs.fr/~ofaurax

Previous message: Patrick Kuiper: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
In reply to: Mark Renouf: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
Next in thread: Chip McClure: "Re: Web Browsers vulnerable to the Extended HTML Form Attack (IE and OPERA)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: Free Hotmail in OE send ability going away in April 2005 and my SMTP port 25 is blocked.
... > not SMTP). ... I do not care to use the Juno email software. ... and not a part of Netscape. ... > alternate port with the trial, ...
(microsoft.public.windows.inetexplorer.ie6_outlookexpress)
Re: My home PC as a virtual network adaptor.
... The company's Internet environment is kind of complicated. ... security reasons, it has blocked most of the ports. ... Create a virtual network adaptor in my company PC. ... PC using port 80. ...
(microsoft.public.windows.server.networking)
Re: For N. Miller
... > It is my Browser Netscape 7.2 that makes a Inbound Domain call using the ... > Sometimes it didn't use an App at all on the Inbound that alerted me to ... I started with TCP port 2211 because that is what Netscape is using (I used ...
(microsoft.public.security)
Re: See a lot of Hits on Port 80 TCP
... Zombie computers will perpetually by trying to connect to port 80 by ... > I have Netscape for my ISP and they use AOL Servers. ... > Using Netscape 7.2 Browser Email Client, ... > users and never Seen so many hits on that Port before. ...
(microsoft.public.security)
Re: Blocked Port in NT4?
... Netscape Quality Feedback agent started, followed quickly by a Dr. Watson ... "access error" that crashed Netscape. ... The Mozilla doc sez to add the desired port to "user.js". ... Thor Kottelin wrote: ...
(comp.os.ms-windows.nt.admin.security)