Full Disclosure mailing list archives
XSS Vulnerabilities at Sun, IBM, Verisign, AOL, F-Secure, eEye
From: "Valery Marchuk" <tecklord () argocom cv ua>
Date: Mon, 14 Aug 2006 22:36:02 +0300
Why world's leading security companies don't take care of their security? I`ve published some of XSS vulnerabilities in my blog and forwarded them to full-disclosure. But it seems like leading security companies don`t even think of fixing these bugs. Cisco, Microsoft, Symantec, NSA, F-Secure, AOL, Sun, IBM, eEye still have vulnerabilities in their web sites. Is there any chance to protect ourselves from this threat? How can we trust these companies, if their web sites may allow hackers to compromise our computers and get access to our bank accounts? Demostration exploit of XSS vulnerability at Verisign is availabe at http://www.securitylab.ru/verisign.php Other vulnerabilities cat be found at http://www.securitylab.ru/blog/tecklord/?category=19 Have a nice day, Valery
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- XSS Vulnerabilities at Sun, IBM, Verisign, AOL, F-Secure, eEye Valery Marchuk (Aug 14)
- Re: XSS Vulnerabilities at Sun, IBM, Verisign, AOL, bugtraq (Aug 14)