Full Disclosure mailing list archives
Confirm Your VISA Card Email
From: Nancy Kramer <nekramer () mindtheater net>
Date: Sun, 25 Jan 2004 14:16:23 -0500
Hello All,Just got the "confirm Your VISA Card" Email. It uses the browser vulnerability where it looks like it is taking you to the VISA site but instead has a long URL after the part you see that seems to take you to an IP address. Haven't really checked it out but and sending it along in case anyone is interested. See below
<A HREF="http://www.visa.com%00@%32%32%30%2E%36%38%2E%32%31%34%2E%32%31%33">www.visa.com</a>
The email that the user sees is html so they would just see the link. Regards, Nancy Kramer Webmaster http://www.americandreamcars.com Free Color Picture Ads for Collector Cars One of the Ten Best Places To Buy or Sell a Collector Car on the Web _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Confirm Your VISA Card Email Nancy Kramer (Jan 25)
- Re: Confirm Your VISA Card Email yossarian (Jan 25)
- RE: Confirm Your VISA Card Email Bill Royds (Jan 25)
- RE: Confirm Your VISA Card Email Nick FitzGerald (Jan 25)
- RE: Confirm Your VISA Card Email Bill Royds (Jan 25)
- Re: Confirm Your VISA Card Email yossarian (Jan 25)