Full Disclosure mailing list archives
iName/Mail.com security holes opens door to millions of e-mail accounts
From: full-disclosure () lists netsys com (Colt Peacemaker)
Date: Fri, 30 Aug 2002 05:46:37 +0000
AGT (Andrew G. Tereschenko) writes:
AGT> It takes for me 6 minutes to invent another example of this bug. AGT> Not a 100% result, expected ~30%. AGT> It's an extremly easy to cut navigation items from down of page AGT> by using unclosed comments. AGT> Inserting own (linked to evil host) is a one minute task. Heh. Posting on full-disclosure seems to have set the cat among the pigeons there ... AFAICT they seem to have disabled a lot of other stuff over the last 12 hours or so (javascript for example). --cp -- Colt Peacemaker (colt45 () sdf lonestar org)
Current thread:
- iName/Mail.com security holes opens door to millions of e-mail accounts Andrew G. Tereschenko (Aug 28)
- iName/Mail.com security holes opens door to millions of e-mail accounts Colt Peacemaker (Aug 29)
- iName/Mail.com security holes opens door to millions of e-mail accounts Andrew G. Tereschenko (Aug 29)
- iName/Mail.com security holes opens door to millions of e-mail accounts Colt Peacemaker (Aug 29)
- iName/Mail.com security holes opens door to millions of e-mail accounts Andrew G. Tereschenko (Aug 30)
- iName/Mail.com security holes opens door to millions of e-mail accounts Andrew G. Tereschenko (Aug 29)
- iName/Mail.com security holes opens door to millions of e-mail accounts Colt Peacemaker (Aug 29)
- iName/Mail.com security holes opens door to millions of e-mail accounts Berend-Jan Wever (Aug 31)