Full Disclosure mailing list archives
RE: Re: Google is vulnerable from XSS attack
From: "jpierini" <jpierini () hotmail com>
Date: Wed, 7 Dec 2005 09:09:35 -0800
N3td3v, I'm just a CISSP, and as discussed numerous times I'm without the elite mad skills of a hacker (XSS wasn't even on our test!), so it's my guess you must have found something so amazing insidious, so heavily integrated into the very bowels of their system, that they're beside themselves with terror. Oh, those 0-day exploit releases! Why won't the hacking community give the vendors a reasonable amount of time to cover their asses? Still, the damage is done, and I'm sure it weighs heavily on your conscious. Don't blame yourself, I'm sure that if they had just listened to what you had to say regarding Yahoo, they could have saved themselves all this misery. You're a wry one Mr. N3td3v, use your powers for good. Joseph Pierini, CISSP -----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of n3td3v Sent: Wednesday, December 07, 2005 6:25 AM To: full-disclosure () lists grok org uk Subject: Re: [Full-disclosure] Re: Google is vulnerable from XSS attack Four days on and Google has yet to implement a patch. I guess groups getting deleted, harvesting of e-mail addresses, and theft of Google / Gmail accounts isn't that important. :-( On 12/5/05, Joseph Pierini <jpierini () hotmail com> wrote:
N3td3v, Thanks for the info. Wow, it must have been an exhaustive search to find that needle in a haystack. I'm sure Google appreciates your time and
effort.
Keep up the good work! -J
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Google is vulnerable from XSS attack, (continued)
- Re: Google is vulnerable from XSS attack InfoSecBOFH (Dec 03)
- Re: Google is vulnerable from XSS attack n3td3v (Dec 03)
- Re: Google is vulnerable from XSS attack bugtraq (Dec 03)
- Re: Google is vulnerable from XSS attack n3td3v (Dec 04)
- Re: Google is vulnerable from XSS attack ghost (Dec 05)
- Re: Google is vulnerable from XSS attack InfoSecBOFH (Dec 04)
- RE: Google is vulnerable from XSS attack Joseph Pierini (Dec 04)
- Re: Google is vulnerable from XSS attack InfoSecBOFH (Dec 03)
- RE: Re: Google is vulnerable from XSS attack Joseph Pierini (Dec 05)
- Re: Re: Google is vulnerable from XSS attack n3td3v (Dec 07)
- RE: Re: Google is vulnerable from XSS attack jpierini (Dec 07)
- Message not available
- Re: Re: Google is vulnerable from XSS attack n3td3v (Dec 07)
- Re: Re: Google is vulnerable from XSS attack Morning Wood (Dec 07)
- Re: Re: Google is vulnerable from XSS attack n3td3v (Dec 07)
- Re: Re: Google is vulnerable from XSS attack ad () heapoverflow com (Dec 07)
- Re: Re: Google is vulnerable from XSS attack c0ntex (Dec 07)
- Re: Re: Google is vulnerable from XSS attack c0ntex (Dec 07)
- Re: Re: Google is vulnerable from XSS attack InfoSecBOFH (Dec 07)
- Re: Re: Google is vulnerable from XSS attack n3td3v (Dec 07)
- Re: Re: Google is vulnerable from XSS attack InfoSecBOFH (Dec 07)
- Re: Re: Google is vulnerable from XSS attack n3td3v (Dec 07)