lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: BFetch at texpac.com (Fetch, Brandon)
Subject: Yet another reason not to use IE!  Old news?

Just visited a well known site (Wired.com) and had a nice little piece of
code cause the page that I was reading to go blank - DNS error page.
 
Here's the offending code (parentheses instead of slashes to not cause AV
scanning issues) and thank God I wasn't using XP:
 
ms-its:c:((windows(Help(iexplore.chm::)iegetsrt.htm
 
Is it any wonder why people are still picking up malware?  When reputable
sites use banner ad companies and these companies don't process or check
what their clients are providing, who's to be held responsible?
 
So you have a thrice-removed company being the perpetrator of infecting more
and more computers under the guise of a reputable site!
 
Yet another reason not to use IE for general Internet browsing!
 
Does someone happen to have a compiled list of 'bad' banner advertising
companies that allow this sort of behavior?  I'd be curious to see if any
other major web sites use those companies.
 
L8R
 
Brandon Fetch
817-871-4036
-- carpe ductum -- "Grab the tape"
 



This message is intended only for the person(s) to which it is addressed 
and may contain privileged, confidential and/or insider information. 
If you have received this communication in error, please notify us 
immediately by replying to the message and deleting it from your computer. 
Any disclosure, copying, distribution, or the taking of any action concerning
the contents of this message and any attachment(s) by anyone other 
than the named recipient(s) is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20040810/8fb67627/attachment.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ