Bugtraq mailing list archives
Re: Webmail.bellsouth.net security problems
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Thu, 27 Aug 1998 02:51:44 +0100
blah <a href="Javascript:clickSubmit()">link text here</a> blah blah blah </FORM> Following the link should then submit the form.
That doesnt cover non javascript browsers, so you've just eliminated the hackers and the blind in one move. A better approach is to also include a non javascript target that is a cgi whose sole purpose is to redirect the user on again but with a clean referrer
Current thread:
- Re: Webmail.bellsouth.net security problems Rude Yak (Aug 26)
- Security Hole in Axent ESM dcupp () SNAKEBITE COM (Aug 26)
- Re: Security Hole in Axent ESM Gene Spafford (Aug 26)
- Re: Webmail.bellsouth.net security problems Alan Cox (Aug 26)
- Security Hole in Axent ESM dcupp () SNAKEBITE COM (Aug 26)