Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-30 Thread Juha-Matti Laurio
Also https://isc.sans.edu/diary.html?storyid=10318

Juha-Matti

Michal Zalewski [lcam...@coredump.cx] wrote:
> FYI, here's a provisional advisory from Microsoft acknowledging this issue:
> http://www.microsoft.com/technet/security/advisory/2501696.mspx
>
> /mz
>

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-28 Thread IEhrepus
nice work to MS

now, let us wait for the FIX . . gogogo

hitest

2011/1/28 Michal Zalewski :
> FYI, here's a provisional advisory from Microsoft acknowledging this issue:
> http://www.microsoft.com/technet/security/advisory/2501696.mspx
>
> /mz

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-28 Thread Michal Zalewski
FYI, here's a provisional advisory from Microsoft acknowledging this issue:
http://www.microsoft.com/technet/security/advisory/2501696.mspx

/mz

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-27 Thread laurent gaffie
Not a Google vuln. Hunt down MSFT to pay for your bug. Oh wait, they don't pay for free research.. 0noz, you won't get any candy!

2011/1/27, IEhrepus <5up3r...@gmail.com>:
> Security is a general,Many security issues are composed of many
> different vulnerabilities of different factory.
>
> like " m

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-27 Thread IEhrepus
Security is general; many security issues are composed of many different vulnerabilities from different factories.

Like "mhtml:http://www.google.com/gwt/n?u=[mhtml file url]!" this vul.

So we come back: this vul needs two conditions

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-27 Thread Valdis . Kletnieks
On Wed, 26 Jan 2011 21:43:28 PST, Michal Zalewski said:
> The real problem is that when mhtml: is used to fetch the container
> over an underlying protocol, it does not honor Content-Type and
> related headers (or even "nosniff").

Geez. It's 2011, and people are *still* doing that same basic erro

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread Michal Zalewski
> 1.www.google.com app don't filter the CRLF

This is not strictly required; there are other scenarios where this vulnerability is exploitable.

> 2.IE support mhtml protocol handler to render the mhtml file format,
> and this is the why mhtml: is designed

The real problem is that when mhtml: is u

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread IEhrepus
Obviously this problem is not clear. A very similar problem, like "HTTP Response Splitting": whose vulnerability is it? The webapp or the server-side language?

So we come back: this vul needs two conditions

1. www.google.com app doesn't filter the CRLF
2. IE supports the mhtml protocol handler to render the mhtml fi

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread Michal Zalewski
> I wouldn't like to discourage ppl submitting vulns to vendors but this is the
> response you'll most likely to get from those kind of vendors no matter what
> you found in their system. I had more than a dozen similar experience like
> yours. Now it's public + fixed and you gotta get nothing besid

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread Yigit Turgut
ng beside these replies (:

> Message: 10
> Date: Wed, 26 Jan 2011 01:33:16 -0800
> From: IEhrepus <5up3r...@gmail.com>
> Subject: [Full-disclosure] www.google.com xss vulnerability Using
>mhtml
> To: full-disclosure@lists.grok.org.uk
> Cc: s...@rckc.at
> Mess

Re: [Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread Christian Sciberras
Football field? More like dodgeball!!!

On Wed, Jan 26, 2011 at 10:33 AM, IEhrepus <5up3r...@gmail.com> wrote:
> Long, long time ago, we heard an interesting legend is www.google.com
> will Pay for its vulnerability,so we want to try ...
>
> lucky,A vulnerability has been caught by my friend
> PZ

[Full-disclosure] www.google.com xss vulnerability Using mhtml

2011-01-26 Thread IEhrepus
A long, long time ago, we heard an interesting legend that www.google.com will pay for its vulnerabilities, so we wanted to try ...

Luckily, a vulnerability has been caught by my friend PZ [http://hi.baidu.com/p__z]. This vul is based on 《Hacking with mhtml protocol handler》 [http://www.80vul.com/mhtml/Hacking%