-header redirectors.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
and
previous versions.
I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3500/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
-known aphorism).
Especially it's feature in hacker's hands ;-).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Tхnu Samuel t...@jes.ee
To: MustLive mustl...@websecurity.com.ua
Cc: full-disclosure@lists.grok.org.uk
Sent
be
done via flash.
Referer: 'scriptalert(document.cookie)/script
Vulnerable are E107 0.7.16 and previous versions (all versions).
I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3528/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http
versions of E107.
I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/2841/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Hello YGN Ethical Hacker Group!
Thanks, MustLive for utilizing pkcs.
You are welcome.
From the way you did, one idea is to go through the bug zilla list and
test the different way that firefox developers still need to fill the gap
of security.
Yes, it's quite possible way to find new
://websecurity.com.ua/3643/
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
versions (and possible next
versions too).
I mentioned about this vulnerability at my site
(http://websecurity.com.ua/3658/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe
://websecurity.com.ua/3660/) I'll tell you about risks of homepage
function in browsers.
There are possible next attacks via homepage function:
1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.
You can read the article Dark home at my site:
http://websecurity.com.ua/3660/
Best wishes regards,
MustLive
made in 2007. Take care of your plugins for WP and
web sites which use them.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
). To not allow vulnerabilities at these pages.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
Apache.
And also this method allows to search for hidden information. All versions
of Apache (1.x and 2.x) with appropriate settings are affected to this
method.
You can read the article Fingerprinting of Apache web server at my site:
http://websecurity.com.ua/3725/
Best wishes regards,
MustLive
and released
fix for it in my MustLive Security Pack (http://websecurity.com.ua/1896/).
In 2008 there was found Cross-Site Scripting vulnerability in IPB
(http://securityvulns.ru/Tdocument862.html) via htm and html files in
attachments. It was concerned Internet Explorer, in which a code
applications, which use this function and show its results,
can be vulnerable to XSS.
So web developers always need to check their projects on presence of XSS
vulnerabilities in messages about errors at requests to DB. To not allow
such vulnerabilities.
Best wishes regards,
MustLive
Administrator
/, ddlspot.com/.
And also (quote):
Yes, this site has hosted malicious software over the past 90 days. It
infected 9 domain(s), including tisuituputih.blogspot.com/,
enfermagemsu.blogspot.com/, elltoro.com/.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Michele Orru antisnatc...@gmail.com
To: MustLive mustl...@websecurity.com.ua
Cc: full-disclosure@lists.grok.org.uk
Sent: Saturday, December 19, 2009 9:25 PM
Subject: Re
://websecurity.com.ua/3789/
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
mentioned about this vulnerability at my site
(http://websecurity.com.ua/3801/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk
site:
http://websecurity.com.ua/3814/
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
vulnerabilities in 8
millions flash files (http://websecurity.com.ua/3789/). Which you can read.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Andrew Farmer andf...@gmail.com
To: MustLive mustl...@websecurity.com.ua
Cc
have never though about suicide and even was
not thinking to think about it :-).
I hope you also have no such thoughts. Because writing such not serious letters
as yours can lead to risk of such thoughts. So take care of yourself.
Best wishes regards,
MustLive
Administrator of Websecurity web
: use your time more wiser.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Jeff Williams
To: MustLive
Cc: full-disclosure@lists.grok.org.uk
Sent: Monday, January 04, 2010 5:29 AM
Subject: Re: [Full-disclosure
classes of XSS holes
or attacks, but about most common places of XSS. I.e. I'm showing examples
of bad practices to force web developers to make more secure web sites.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From
about this vulnerability at my site
(http://websecurity.com.ua/3839/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
of sites with vulnerable flashes (particularly
tagcloud.swf) it's needed either to fix them by themselves, or to turn to
their developers.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure
/).
You can read the article The future of XSS attacks at my site:
http://websecurity.com.ua/3878/
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
this vulnerability at my site
(http://websecurity.com.ua/3883/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
(including last version XAMPP 1.7.1).
-
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
and previous versions. And potentially next
versions (including last version XAMPP 1.7.1).
-
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe
='
Vulnerable are XAMPP 1.6.8 and previous versions. And potentially next
versions (including last version XAMPP 1.7.1).
-
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full
).
-
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
at my site
(http://websecurity.com.ua/3927/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
-02/msg00024.html
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
://site/search/’/
SQL Injection:
http://site/search/'%20and%20version()%3E5--%20/
XSS:
http://site/search/'1%3Cbody%20onload=alert(document.cookie)%3E/
Vulnerable is Hydra Engine 1.0.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
/referaty/1'+benchmark(1,md5(now()))-’1/
http://site/rus/’+benchmark(1,md5(now()))+’/
Vulnerable are all versions of Abton before the version where developers
fixed these holes.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
):
http://site/files.php?refdll=-1+union+select+’../file.php’%23
Vulnerable are all versions of Abton before the version where developers
fixed these holes.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
for Internet users in my interview at
Data Security Podcast (http://websecurity.com.ua/3810/).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
knowing that the password matches), because at a
request to them the access will be granted automatically.
Vulnerable are WordPress 2.9.2 and previous versions (all 2.x versions). I
tested in different versions of WP, particularly in 2.0.11 and 2.9.2.
Best wishes regards,
MustLive
Administrator
With setting of large values of width and height it's possible to create
large load at the server.
Vulnerable are WeBAM 1.x versions.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe
mentioned before (http://websecurity.com.ua/4043/).
DoS:
http://site/CaptchaSecurityImages.php?width=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Vulnerable are TooFAST 1.5 and previous versions.
Best wishes regards,
MustLive
=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Vulnerable are all versions of ArcManager.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
in
this subject, can read the article.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored
/CaptchaSecurityImages.php?width=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Vulnerable MiniManager for Project MANGOS 0.15 and previous versions.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http
/CaptchaSecurityImages.php?width=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Vulnerable are all versions of NoCMS.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
versions.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
PHP Edition 1.0.1 and previous versions.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
of
Bugs in Captchas.
DoS:
http://site/class/captcha/CaptchaSecurityImages.php?width=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
.
Directory Traversal (via SQL Injection):
http://site/?fun=-1%20union%20select%201,0,char(46,46,47,46,104,116,97,99,99,101,115,115),1
Including of .htaccess.
Full path disclosure:
http://site/?fun=-1
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
possible to create
large load at the server.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted
attacks.
* Cross-Site Scripting attacks.
* SQL Injection attacks.
* CSRF attacks.
* Information leakages.
* Denial of Service attacks.
You can read the article Anthology of attacks via captchas at my site:
http://websecurity.com.ua/4107/
Best wishes regards,
MustLive
Administrator of Websecurity
regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
hole becomes even more serious.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: julian steward
To: MustLive ; full-disclosure@lists.grok.org.uk
Sent: Monday, March 22, 2010 2:13 AM
Subject: Re: [Full-disclosure
Emulator, CoreCMS, Holograph Emulator,
Holograph Emulator - Craigs Edition, 0niCMS, AJ-CMS, HoloCMS v3.2.0 Synergy,
HoloCMSrW, Mir, Alexx Hotel.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure
,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Jan G.B. ro0ot.w...@googlemail.com
To: MustLive mustl...@websecurity.com.ua
Cc: full-disclosure@lists.grok.org.uk
Sent: Monday, April 12, 2010 1:08 PM
Subject: Re: [Full-disclosure] Anthology
project.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
their own holes (so with every
additional bonus program the overall security of the system is
decreasing). So everyone must take care of additional apps, both web and
desktop (such as toolbars), and install only what they really want.
Best wishes regards,
MustLive
Administrator of Websecurity web
:
It's possible to upload arbitrary files (shell upload) via module “Banner
system” in admin panel.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
.
When I'll find time, I'll answer at letters of those readers of the list who
wrote me recently regarding vulnerabilities in CaptchaSecurityImages.php (so
don't worry about that).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message
of large values of width and height it's possible to create
large load at the server.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
engines
are showing at the site.
Referer:
http://www.google.com/search?q=xss;scriptalert(document.cookie)/script
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter
or automated (with using of
OCR) methods, which were mentioned before (http://websecurity.com.ua/4043/).
DoS:
http://site/CaptchaSecurityImages.php?width=1000height=9000
With setting of large values of width and height it's possible to create
large load at the server.
Best wishes regards,
MustLive
vulnerability.
XSS:
http://site/archives.cfm/search/?term=%3Cbody%20onload=alert(document.cookie)%3E
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
://site/Blog/widgets/Cumulus/tagcloud.swf?mode=tagstagcloud=%3Ctags%3E%3Ca+href='http://websecurity.com.ua'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
and infected with viruses, and the code for distributing of malware was
using a cloaking for hiding of malicious code from built-in antivirus in
search engines Google and Yahoo.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E
http://site/modules/mod_usr3dcloud/tagcloud_rus.swf?mode=tagstagcloud=%3Ctags%3E%3Ca+href='http://websecurity.com.ua'+style='font-size:+40pt'%3EClick%20me%3C/a%3E%3C/tags%3E
Best wishes regards,
MustLive
Administrator of Websecurity web site
http
regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
in separate advisory.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
letter.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http
+1,0x436F6465,0x436F6465,1,1,0x436F6465,1,1,1,1,1,1,1,1,1,1,1,0x436F6465,1,1%23/../../../../1
Note, that developer of the plugin don't support it anymore, so users of the
plugin need to fix it by themselves.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
that from my side, I'd never offer you a security job, because I
need only serious employee. It's my main criterion for all kind of job,
including security job.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Benji
in particular. And in Opera the attack is going without
blocking, only resources consumption (more slowly then in other browsers).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe
:
http://site/news.php?ch=idid=-1'%20or%20version()=5/*
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
.
To Susan Bradley from Bugtraq:
This is one of those cases, which I told you before, when browser vendors
ignore to fix DoS holes in their browsers for many years.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
without using any loops, just only one small string
with expression in style.
Sorry Mustlive,
i understand you need to see this in clear text finaly.
I guess ascii is the best to communicate with you;
You didn't understand, Laurent. The best and only way to communicate with me
it's cultural
was released, which removed support of gopher protocol.
So from that time IE is not supporting gopher, but if other browsers just
ignore iframes with it, then IE and Opera are consuming system resources.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
possible then they will decide to make
such ones for this vulnerability with iframes and different protocols.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Manuel Moreno Leiva
To: MustLive
Cc: full-disclosure
in June. Looks like he fond of conversation with my
blacklist filters. I recommend both of you to use your time more wiser.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: Christian Sciberras
To: Jeff Williams
Cc
, which fixed only FPD holes, but
not XSS). So users of the plugin must fix it by themselves.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http
. And in Outlook exploit with iframe with mailto triggers only at
opening of the letter, and exploits with iframe with news, nntp and
firefoxurl trigger as at preview of the letters, as at their opening.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
occurs blocking of the browser, and in IE and
Opera occurs resources consumption.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
and in contact form there is no protection from
automated requests (captcha).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
at old versions of PHP.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia
at using of closed redirectors (attack #10), in this case not
external redirector is using, but internal one (at this site, or at the site
from allowed list).
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message -
From: musnt live musntl...@gmail.com
To: MustLive mustl...@websecurity.com.ua
Cc: full-disclosure@lists.grok.org.uk
Sent: Monday, June 28, 2010 11:40 PM
Subject: Re: [Full
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
they
added such class of vulnerability as URL Redirector Abuse.
It took me until half the post to realize this wasn't posted by
MusntLive but by the original MustLive.
Different people use different styles for writing texts, so it's easy to
distinguish my texts from text of others (including those
.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
/script%3E
http://site/simpnews/news.php?lang=enlayout=layout2sortorder=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We
what do I really
know? And as such I have blocked these IP's from accessing my server.
As I said, you have no need to worry about these attacks, if you have not
such vulnerable webapps. And to ban or not to ban these IPs it's up to you.
Best wishes regards,
MustLive
Administrator of Websecurity
on this topic which I made recently.
And for these researches I created a tool for conducting of DDoS attacks on
the sites via other sites, which I'd write about in the next letter.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
- Original Message
side. So this method of attacks can become
widespread in short-term outlook.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full
servers, than you will be knowing what type of botnets it is.
Best wishes regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure
1 - 100 of 440 matches
Mail list logo
