Full Disclosure mailing list archives

RE: visa XSS?


From: "Knarr, Joshua" <joshua.knarr () sap com>
Date: Tue, 23 Dec 2003 15:08:04 +0100


I think this is also the first sighting of the @ vulnerability in the wild.  Or am I mistaken?  It seems the tool 
available from Xforce does nothing to stop this.  (http://xforce.iss.net/xforce/alerts/id/159).

Thanks
Joshua Knarr

-----Original Message-----
From: full-disclosure-admin () lists netsys com 
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of 
Mauro Flores
Sent: Tuesday, December 23, 2003 6:45 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] visa XSS?

I received this mail today, the funny stuff is that when you click on the
link, you execute:
http://www.visa.com:UserSession=2f6q9uuu88312264trzzz55884495&useroption=SecurityUpdate&StateLevel=GetFrom@64.21.80.2/~gotier/verified_by_visa.htm

I don't have a Visa card and I don't like that 64.21.80.2 which is not a
Visa IP, AFAIK.
Anyone else receive it??

regards, Mauro Flores

On Tue, 2003-12-23 at 08:29, Mauro Flores wrote:
-----Forwarded Message-----
From: Visa International Service <security () visa-security com>
Subject: Visa Security Update
Date: 23 Dec 2003 05:24:34 -0600

Dear Customer,

Our latest security system will help you to avoid possible fraud actions and
keep your investments in safety.

Due to technical security update you have to reactivate your account.

Click on the link below to login to your updated Visa account.

To log into your account, please visit the Visa Website at

http://www.visa.com

We respect your time and business.
It's our pleasure to serve you.

Please don't reply to this email. This e-mail was generated by a mail
handling system.

Copyright 1996-2003, Visa International Service Association. All rights
reserved.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

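The "@ trick" Joshua refers to works because everything between "http://" and the "@" is the URL's userinfo (username:password), so the browser connects to the host after the "@" (64.21.80.2) while the visible prefix reads www.visa.com. The following is an added example, not code from the thread, showing how a mail filter could split such a link the way a browser does and flag the deception; the TRUSTED_BRANDS set is a hypothetical list of protected brand domains.

```python
from urllib.parse import urlsplit
from ipaddress import ip_address
from typing import Optional

# The link quoted in Mauro's mail, joined onto one line. Everything before
# the "@" is userinfo; the browser connects to 64.21.80.2, not www.visa.com.
PHISH_URL = (
    "http://www.visa.com:UserSession=2f6q9uuu88312264trzzz55884495"
    "&useroption=SecurityUpdate&StateLevel=GetFrom"
    "@64.21.80.2/~gotier/verified_by_visa.htm"
)

# Hypothetical (constructed) set of brand domains the filter protects.
TRUSTED_BRANDS = {"visa.com"}


def is_ip_literal(host: str) -> bool:
    """True if the host part is a bare IPv4/IPv6 address rather than a name."""
    try:
        ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False


def brand_of(host: str) -> Optional[str]:
    """Return the trusted brand domain that host equals or is a subdomain of."""
    for brand in TRUSTED_BRANDS:
        if host == brand or host.endswith("." + brand):
            return brand
    return None


def analyse_link(url: str) -> dict:
    """Split a URL as a browser does and report userinfo-based host spoofing."""
    parts = urlsplit(url)
    real_host = (parts.hostname or "").lower()       # host after the last "@"
    userinfo = parts.netloc.rpartition("@")[0]       # empty when no "@" present
    findings = []
    if userinfo:
        findings.append("userinfo present in URL authority")
        # The "username" is the text before the first ":" of the userinfo;
        # in the phish it is the string the victim is meant to read as the host.
        fake_host = userinfo.split(":", 1)[0].lower()
        if brand_of(fake_host) and brand_of(real_host) != brand_of(fake_host):
            findings.append(f"userinfo impersonates {fake_host}, real host is {real_host}")
    if is_ip_literal(real_host):
        findings.append("destination host is a bare IP address")
    return {"real_host": real_host, "userinfo": userinfo, "findings": findings}
```

Running analyse_link(PHISH_URL) reports the real host as 64.21.80.2 with three findings, while a plain https://www.visa.com/ link yields none.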