Full Disclosure mailing list archives

Re: Phun! Search


From: Bernhard Mueller <research () sec-consult com>
Date: Fri, 24 Mar 2006 00:19:40 +0100

Hello,

n3td3v wrote:

> I have exploit code for this issue, which the list won't be getting
> hold of. The disclosure was to show that I can ask the slurp robot to
> cache an account on the public index,... bla,...

There's no need at all to cache anything at all.

http://mtf.news.yahoo.com/mailto?prop=mycstore&locale=us&h2=n3td3v

will give you the same result as

http://66.218.69.11/search/cache?ei=UTF-8&p=n3td3v&fr=sfp&u=mtf.news.yahoo.com/mailto%3Furl%3Dhttp%253A//e.my.yahoo.com/config/cstore%253F.opt%3Dcontent%2526.node%3D1%2526.sid%3D171771%26title%3DChoose+Content%26prop%3Dmycstore%26locale%3Dus%26h1%3Dymessenger+at+Yahoo%21+Groups%26h2%3Dn3td3v%26h3%3Dhttp%253A//my.yahoo.com&w=n3td3v&d=U5wy1m1aMbOe&icp=1&.intl=us
(your "Concept").

Sorry to tell you, but there is no vulnerability involved here (except
maybe a lame XSS, didn't try that though).

--
Bernhard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

