Full Disclosure mailing list archives
Re: nVidia.com [Url Redirection flaw]
From: Rubén Camarero <rjcamarero () gmail com>
Date: Thu, 26 Mar 2009 12:38:16 -0400
I shall count the seconds it take for Mr. Mac.User to switch internet pages to go to Mr. Lincoln's gmail and write a reply to himself: 1, 2, finish it for me! On Thu, Mar 26, 2009 at 12:34 PM, <mac.user () mac hush com> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My favourite sort of internet personality is one that trolls grammar nazis in their well structured insults against the intelligence of others. Bravo my friend. On Thu, 26 Mar 2009 01:09:38 -0400 Rubén Camarero <rjcamarero () gmail com> wrote:_You_ are two dim to imagine that this issue is more like a bug than a vulnerability. If _you_ did try to imagine it, your head would probably explode and xssme would ooze out. On Thu, Mar 26, 2009 at 12:42 AM, Nick FitzGerald <nick () virus-l demon co uk>wrote:Rubén Camarero wrote:What great references. Owasp isn't the king of vulnerabilityinformation,ofcourse a website named XSSed is going to count this as superserious, andwhile I respect Insecure.. these days, people have exploitedweb bugs totheir max (and I'm waiting for more), but they aren't directlyserious.DIRECTLY is the key word.No, but just because this kind of vulnerability is "only"indirectlyserious dosen't mean that they aren't serious. Just because _you_ are too dim to imagine a way that someone canprofitsignificantly from exploiting this does not mean that there arenot suchmethods, NOR that use of such exploits won't "damage" nVidia. Whether nVidia (and others affected by so many similarvulnerabilities)will see this and decide to take action is what really matters.In thisregard, I certainly hope that you do not work for, or consultwith, orotherwise represent the view of nVidia on this issue. Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- Rubén Camarero CCNA, CISSP-----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAknLrq4ACgkQfuF4tUz/X+JKzAP/ViirowPihAisi1DFEi4W6jOn/CwQ sAU9c5riwPvj5DrYfZYblg2BIduxBYweSAwrcA8TnJNBaBKOIv1weO2MclqEp11xq+Z3 UfR2UpkldfMWzHpfGkxhwcz2xcy5T9PN/79IGnGk3xiG8zW2eBo88yNrhiE7x2e9PFjI BOCaN9A= =gYB5 -----END PGP SIGNATURE----- -- Free information on the best Web Hosting. Click Now! http://tagline.hushmail.com/fc/BLSrjkqe38U7zLZKJoIcSfnZcCPMg2m3CMMZbrY9em4IiOArRQ7ukNi4nK4/
-- Rubén Camarero CCNA, CISSP
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: nVidia.com [Url Redirection flaw], (continued)
- Re: nVidia.com [Url Redirection flaw] Anders Klixbull (Mar 25)
- Re: nVidia.com [Url Redirection flaw] mac . user (Mar 25)
- Fwd: nVidia.com [Url Redirection flaw] Lorenzo Vogelsang (Mar 25)
- Re: Fwd: nVidia.com [Url Redirection flaw] Jeremy Brown (Mar 25)
- Re: Fwd: nVidia.com [Url Redirection flaw] Pete Licoln (Mar 25)
- Fwd: nVidia.com [Url Redirection flaw] Lorenzo Vogelsang (Mar 25)
- Re: Fwd: nVidia.com [Url Redirection flaw] mac . user (Mar 26)
- Fwd: Fwd: nVidia.com [Url Redirection flaw] Lorenzo Vogelsang (Mar 26)
- Re: Fwd: nVidia.com [Url Redirection flaw] mac . user (Mar 26)
- Re: Fwd: nVidia.com [Url Redirection flaw] Pete Licoln (Mar 26)
- Re: nVidia.com [Url Redirection flaw] mac . user (Mar 26)
- Re: nVidia.com [Url Redirection flaw] Rubén Camarero (Mar 26)
- Re: nVidia.com [Url Redirection flaw] Pete Licoln (Mar 26)
- Re: nVidia.com [Url Redirection flaw] Rubén Camarero (Mar 26)
- Re: nVidia.com [Url Redirection flaw] mac . user (Mar 26)