Just READ the post and find this page http://translate.google.com/translate?u=http%3A%2F%2Fwebsecurity.com.ua%2F2454%2F&sl=uk&tl=en&hl=fr&ie=UTF-8
************************ Cluster #[[ Memisyazici, Aras ]] possibly emitted, @Time [[ 02/11/2009 14:51 ]] The Following #String ********************** > MustLive: > > I really don't want to start a flame-war nor am I trying to belittle you or > your work but... > > Your "article", unless I misunderstood, is useless. To explain further, your > article lacks substance. For instance you state: "could be used in DoS attack > for browsers" yet you provide no working PoC/example(s) > > What about mitigation? What about prevention? > > No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've > appreciated some more details or at least some answers to my questions above! > :) > > In any case, thank you for putting together such an entry and look forward to > your continued, hopefully improved research results! > > Sincerely, > Aras 'Russ' Memisyazici > Systems Administrator > Virginia Tech > > ---------------------------------------------------------------------- > > Date: Sat, 31 Oct 2009 23:24:50 +0200 > From: "MustLive" <mustl...@websecurity.com.ua> > Subject: [Full-disclosure] Dark side of bookmarks > To: <full-disclosure@lists.grok.org.uk> > Hello participants of Full-Disclosure! > > After my articles about different attacks via redirectors - Redirectors: the > phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed > redirectors (http://websecurity.com.ua/3531/), here is my new article. This > time about attacks via bookmarks. In article Dark side of bookmarks > (http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in > browsers. > > There are possible next attacks via bookmarks: > > 1. Spam. > 2. Phishing. > 3. Malware spreading. > 4. DoS attacks. > > You can read the article Dark side of bookmarks at my site: > http://websecurity.com.ua/3643/ > > Best wishes & regards, > MustLive > Administrator of Websecurity web site > http://websecurity.com.ua > > ------------------------------ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/