Full Disclosure mailing list archives
Re: F-Secure to release XSS "potential dangers"
From: "Mike M" <mkmaxx () gmail com>
Date: Thu, 27 Jul 2006 09:11:36 +0530
Drama queen From: n3td3v <xploitable () gmail com>
Subject: [Full-disclosure] F-Secure to release XSS "potential dangers" To: n3td3v <n3td3v () googlegroups com> Cc: full-disclosure () lists grok org uk Message-ID: <4b6ee9310607261206o7f502179r96998366f9959997 () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed [snip]Fortunately no one has tried to inject malcious code... yet. We'll finish our draft with more on the potential dangers of XSS for you soon.[/snip] See: http://www.f-secure.com/weblog/ It is a blog entry titled "Netscape hacked". F-Secure to encourage Digg script kiddies to hack Netscape properly? This is highly irresponsible of F-Secure and they should be held legally responsible if the information they release in relation to their "Netscape hacked" blog entry is used maliciously. F-Secure know the enemy of the Netscape web site are reading their blog: See: http://www.digg.com/tech_news/Netscape_com_HACKED_2 Yet, F-Secure are going to release XSS information anyway, to better assist those would-be Digg script kids who want to bring harm to the Netscape, Digg styled web site. The only potential danger will be caused by F-Secure, if they go ahead and release the XSS information they promise to release, in the context of Netscape being hacked. It is the wrong context in which to be talking about releasing malicious XSS code examples. F-Secure will be F-Secure I guess though. Time for important people in the security industry to back me up on this one. Thanks, n3td3v
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- F-Secure to release XSS "potential dangers" n3td3v (Jul 26)
- Re: F-Secure to release XSS "potential dangers" c0ntex (Jul 26)
- Re: F-Secure to release XSS "potential dangers" n3td3v (Jul 27)
- Re: F-Secure to release XSS "potential dangers" Dan B (Jul 27)
- Re: F-Secure to release XSS "potential dangers" n3td3v (Jul 27)
- Re: F-Secure to release XSS "potential dangers" xyberpix (Jul 28)
- Re: F-Secure to release XSS "potential dangers" n3td3v (Jul 27)
- Re: F-Secure to release XSS "potential dangers" c0ntex (Jul 26)
- Re: F-Secure to release XSS "potential dangers" Valdis . Kletnieks (Jul 26)
- Re: F-Secure to release XSS "potential dangers" n3td3v (Jul 27)
- Re: F-Secure to release XSS "potential dangers" c0ntex (Jul 27)
- RE: [lists] Re: F-Secure to release XSS "potential dangers" Curt Purdy (Jul 28)
- Re: F-Secure to release XSS "potential dangers" n3td3v (Jul 27)
- <Possible follow-ups>
- Re: F-Secure to release XSS "potential dangers" Mike M (Jul 26)