Vulnerability Development mailing list archives

/instmsg/alias/annoying_web_logs ;)

From: H D Moore <hdm () digitaloffense net>
Date: Mon, 14 Oct 2002 17:42:15 -0500

I get billions of these things too, its part of some MSN groups/chat 
thing, essentially it takes requests the "alias" of the email address 
(dave () immunitysec com => /instmsg/alias/dave). Might be fun to send back 
some looooong responses ;) My favorites are all the ones that originate 
from microsoft "tide" addresses... They send me some funny referrers from 
their intranet servers once in a while too.

---
"Immunity also gets a lot of requests for /instmsg/alias/dave, which 
doesn't exist. I'm curious what web client plugin causes this behavior. 
And, I've noticed FrontPage makes PROPFIND, /_vti_bin/shtml.dll, and 
other FrontPage-style requests. Somewhere here I smell an exploitable 
client-side vulnerability."
---

Current thread:

Re: CROSS SITE-SCRIPTING Protection with PHP, (continued)
- - Re: CROSS SITE-SCRIPTING Protection with PHP Marvin Simkin (Oct 11)
    - Re: CROSS SITE-SCRIPTING Protection with PHP Sverre H. Huseby (Oct 12)
    - RE: CROSS SITE-SCRIPTING Protection with PHP Rob Shein (Oct 14)
    - Re: CROSS SITE-SCRIPTING Protection with PHP Sverre H. Huseby (Oct 14)
    - Re: CROSS SITE-SCRIPTING Protection with PHP Sverre H. Huseby (Oct 14)
    - Re: CROSS SITE-SCRIPTING Protection with PHP Valdis . Kletnieks (Oct 14)
    - Re: CROSS SITE-SCRIPTING Protection with PHP Dan Kaminsky (Oct 14)
    - Hashes,File protection,etc Dave Aitel (Oct 14)
    - Re: Hashes,File protection,etc Dan Kaminsky (Oct 14)
    - Re: Hashes,File protection,etc Dave Aitel (Oct 14)
    - /instmsg/alias/annoying_web_logs ;) H D Moore (Oct 15)
    - Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 15)
    - Re: /instmsg/alias/annoying_web_logs ;) Dave Aitel (Oct 15)
    - Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 15)
    - RE: /instmsg/alias/annoying_web_logs ;) Elan Hasson (Oct 15)
    - RE: /instmsg/alias/annoying_web_logs ;) Dave Aitel (Oct 16)
    - Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 16)
    - Re: /instmsg/alias/annoying_web_logs ;) Chip McClure (Oct 15)
    - RE: /instmsg/alias/annoying_web_logs ;) Shawn K. Hall (RA/Security) (Oct 20)
    - Re: Hashes,File protection,etc Tony (Oct 15)
    - Re: Hashes,File protection,etc Roland Postle (Oct 15)

(Thread continues...)