Or run commands or cause stack overflows through the applications installed on your machine. If you don't think XSS is a big issue, check out my presentation from Black Hat Japan, which just got over.
Keep up the good work PDP.

Nate

On 10/27/07, scott <[EMAIL PROTECTED]> wrote:
> I personally thank pdp for his insight and will frequent his site
> regularly. A lot of people don't think XSS'es are all that big of a deal.
>
> When someone can steal my session cookies and login as me, I tend to
> think it is a problem. Or scan your network behind the firewall using
> your browser. How can you not see a threat?
>
> Regards,
> Scott
>
>
> reepex wrote:
> > It seems our good friend and fellow poster pdp|architect is leaving
> > our scene for something else.
> > http://www.gnucitizen.org/about/pdp#comment-61753
> >
> > pdp took a lot of heat after his home router bug that affected millions
> > of people and maybe it was too much for him to handle. We hope he
> > comes back soon with more 0day advisories and technical reports.
> >
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> > Hosted and sponsored by Secunia - http://secunia.com/
