Bugtraq mailing list archives
Re[2]: The Dangers of Allowing Users to Post Images
From: "Alexander K. Yezhov" <admin () leader ru>
Date: Fri, 15 Jun 2001 22:52:40 +0400
Following upon the letter of Friday, June 15, 2001: RMS> This is a *very* interesting finding. It seems kind of obvious RMS> too. I wonder why no one seems to have run across it before. It reminds me "Client Side Trojans" thread. Also similar problem with authorization have been described at tools-on.net ("Web and your privacy" section). The problem is that once authorised you don't have to enter password again if you are redirected to some form inside protected (via .htaccess, cookie, etc) area. Best regards, Alexander --------------------------------------------------------------- MCP+I, MCSE, BrainBench certificates http://leader.ru http://tools-on.net ---------------------------------------------------------------
Current thread:
- Re: [BUGTRAQ] Re: never-ending Referer arguments (The Dangers of Allowing Users to Post Images), (continued)
- Re: [BUGTRAQ] Re: never-ending Referer arguments (The Dangers of Allowing Users to Post Images) CDI (Jun 22)
- Re: The Dangers of Allowing Users to Post Images John Percival (Jun 22)
- Re: The Dangers of Allowing Users to Post Images Michal Szokolo (Jun 24)
- Re: The Dangers of Allowing Users to Post Images Travis Siegel (Jun 25)
- Re: The Dangers of Allowing Users to Post Images Jeffrey W. Baker (Jun 25)
- Re: The Dangers of Allowing Users to Post Images Sverre H. Huseby (Jun 19)
- Re: The Dangers of Allowing Users to Post Images Henrik Nordstrom (Jun 19)
- Re: The Dangers of Allowing Users to Post Images Brett Lymn (Jun 18)
- Re: The Dangers of Allowing Users to Post Images Marc Slemko (Jun 16)
- Re[2]: The Dangers of Allowing Users to Post Images Alexander K. Yezhov (Jun 16)
- Re: The Dangers of Allowing Users to Post Images Ryan Kennedy (Jun 16)
- Re: The Dangers of Allowing Users to Post Images Peter W (Jun 16)