Thursday, June 10, 2004
The following was presented by 'bitlance winter' of Japan today:
a href=http://www.microsoft.com%2F redir=www.e-
gold.comtest/a
Quite inexplicable from these quarters. Perhaps someone with
server 'knowledge' can examine it.
It carries over the address into the
Subject: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition
From:[EMAIL PROTECTED] [EMAIL PROTECTED]
Date:Thu, June 10, 2004 12:35 pm
To: [EMAIL PROTECTED]
--
Thursday, June 10, 2004
http://www.malware.com/golly.html
I see no pattern at all, but this works on some systems for me and not on others. On
some I get to Microsoft, some to e-gold.com.
And WTF is it with www.e-gold.com? Nothing else seems to work at all.
Larry Seltzer
eWEEK.com Security Center Editor
web site on it's own IP these
days.
Scott P
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Larry Seltzer
Sent: Thursday, June 10, 2004 10:23 PM
To: [EMAIL PROTECTED]
Subject: RE: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition
http
Larry Seltzer [EMAIL PROTECTED] wrote:
And WTF is it with www.e-gold.com? Nothing else seems to work at all.
e-gold has wildcard DNS, so anything.e-gold.com will work. For other
domains the hostname lookup stage may fail.
(I guess... I can't actually get the exploit to work for me, but still.)