Re: Cross site scripting @verisign.com and @cybercash.com

From: kristalaz (kristalaz@tdd.lt)
Date: 04/22/02


From: "kristalaz" <kristalaz@tdd.lt>
To: "KF" <dotslash@snosoft.com>, <websitesupport@verisign.com>, <support@verisign.com>, <recon@snosoft.com>, <vuln-dev@security-focus.com>, <bugtraq@security-focus.com>
Date: Mon, 22 Apr 2002 13:59:44 +0200

I donīt think that this is a bug in theirs servers, because if you try this
"about:<script>alert('hi')</script>" write in your adress at IE >4.0, you
will see that its a IE bug, because this site is generated by browser
------
kristalaz
kristalaz@yahoo.com
http://linux.tinkle.lt

_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com



Relevant Pages

  • [REVS] Security holes... Who cares? (Security patches handling case study)
    ... Immediately after the publication of the bug and its ... subsequent fix we identified a set of vulnerable servers. ... The information in this bulletin is provided "AS IS" without warranty of any kind. ... In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. ...
    (Securiteam)
  • Re: Bug 2341 - ntpd fails to keep up with clock drift at poll>7
    ... The bug report is for ntp 4.2.7, i.e. the developer version, so this may not occur with the current stable version, which is 4.2.6p5. ... However, my observation is that usually the Windows system time is disciplined more accurately with short polling intervals, at least under Windows. ... So my advice would have been to use minpoll 4 maxpoll 4, if this setting wouldn't affect the workaround implemented in -dev. ... servers with low or no minpoll, backup servers are polled at minpoll or ...
    (comp.protocols.time.ntp)
  • Re: SSH Auth Failure?
    ... >> While doing updates on my servers, I came across this one and I'm ... If the only solution to the information leak is to have this delay, ... </snip from bug comments> ... bogus log messages are not ok. ...
    (RedHat)
  • Re: Intel em receive hang and possible pr #72970 + some offtop
    ... After this driver from RELENG_6 will be buildable. ... If one experiences a bug in a FreeBSD release, ... And this servers aren't less ...
    (freebsd-net)
  • Zone Alarm is Not Safe
    ... four different servers. ... The company says it will fix the "bug" soon. ... dass ich ihn für uns finden muss ... Auf 'ner Strasse im Regen, auf 'nem Berg nah beim Mond ...
    (alt.2600)