-
February 7th, 2002, 11:40 PM
#1
New IE vulnerability !!!
A malicious user can create a form which is submitted by the victim (automatically using Active Scripting or manually using Social Engineering). This form can cause a non-HTTP service to echo back JavaScript commands which in turn allow the malicious user to steal the cookie for that domain. There are more uses for this attack, other than just stealing cookies.
Read more at www.xatrix.org
Thanks!!
-
February 7th, 2002, 11:50 PM
#2
Keep it up kid and your going to get your butt kicked out of here.
You only need to post once.
-
February 8th, 2002, 12:58 AM
#3
um...DjM...I seem to be a bit out of the loop here...what has Kobras been doing that deserves that comment?
Please pardon my ignorance in this matter
Preliminary operational tests were inconclusive (the dang thing blew up)
\"Ask not what the kernel can do for you, ask what you can do for the kernel!\"
-
February 8th, 2002, 01:23 AM
#4
I agree. He posted once, and did a good post. I see no problem with what he did and I am behind you Kezil.
[shadow]uraloony, Founder of Loony Services[/shadow]
Visit us at
[gloworange]http://www.loonyservices.com/[/gloworange]
-
February 8th, 2002, 01:36 AM
#5
I agree....he sometimes double posts but not on this thread. He always tries to stay on topic also..as in security related posts..lets not discourage someone because they have made a mistake or two in the past.
KOBBRAS..good job and thanks for the heads up
-
February 8th, 2002, 02:38 AM
#6
Member
good post, kobbras
rgds
de
-
February 8th, 2002, 04:49 AM
#7
I hate to bring this back out of the archives but I'm going to agree with DJM. This has been posted 2 or 3 times already. Perhaps there are still copies of the other IE vulnerabilty posts floating around here somewhere or perhaps JP deleted them. I'd have a quick look but I've got to get my sorry ass to work!
KOBBRAS use to post numerous xatrix posts on alt.2600.hackerz untill someone pointed out that ENOUGH IS ENOUGH! We all know where xatrix is and alot of us already have a quick look there before coming to AO.
As I said this morning, KOBBRAS, if you have some kinda crazy addiction with cut and pasting xatrix articles at least add your own commentary at the end...
Just a suggestion....
-
February 8th, 2002, 04:57 AM
#8
Here we go. Just to back DJM and myself up, you can find two of the exact same threads HERE and HERE. There are a few more but I couldn't be bothered finding them........
-
February 8th, 2002, 04:04 PM
#9
Thanks Conf1rm3d_kill, I knew I wasn't crazy. When a first replied to this post, it was his third in a row and he/she did the same thing with a BlackIce post. It was just getting a little annoying.
-
February 11th, 2002, 12:14 AM
#10
Hm, i trying to post first some security news guys, and I apologize everybody if I post some threads "after" someone else with same theme, beceause it is not attentionly.Really it isnt...
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|