Full Disclosure mailing list archives
Re: Yahoo XSS
From: "Berend-Jan Wever" <SkyLined () edup tudelft nl>
Date: Tue, 8 Jul 2003 16:37:51 +0200
XSS bugs in webpages are so yesterday... I spent one day searching for XSS holes about a year ago and there was not one site that wasn't vulnerable in one way or another. (Real Player, Adobe, Napster, Altavista, Yahoo, Netscape, Ebay, Amazon, Redhat, Microsoft, Google, Cnet, Anonymizer, Lycos, ...) Most of these are still not fixed, even though I reported them all. More interesting offcourse are XSS bugs in yahoo webmail: [SCRIPT][STYLE]*{width:expression(alert("whoops"))}[/STYLE][/SCRIPT] Put that in HTML mail to a yahoo user and you've got yourself another vector for mass-mailing worms. I allready wrote a PoC mass-mailing worm in jscript for hotmail, since they've had XSS issues in the past too. Hotmail is one of the very few sites that took these vulnerabilities seriously and fixed them within a few hours. Even though their virus scanning partner, McAfee was unreachable when I wanted to show them their scanners didn't detect my jscript worm. Cheers! SkyLined ----- Original Message ----- From: "morning_wood" <se_cur_ity () hotmail com> To: <full-disclosure () lists netsys com>; "0day" <0day () nothackers org> Sent: Tuesday, July 08, 2003 6:53 Subject: [Full-disclosure] Yahoo XSS
Interesting...
http://search.yahoo.com/search?p=%3Cscript%3Ealert%28%22You+are+vunerable+to+xss+-+discovered+by+morning_wood+http%3A%2F%2Fexploitlabs.com%22%29%3C%2Fscript%3E&ei=UTF-8&fr=msgr-buddy&vm=i&n=20&fl=0&x=wrt
morning_wood http://exploitlabs.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Yahoo XSS morning_wood (Jul 07)
- Re: Yahoo XSS MadHatter (Jul 08)
- Re: Yahoo XSS Berend-Jan Wever (Jul 08)