| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Dec 8 05:52:51 2005 From: jpierini at hotmail.com (Joseph Pierini) Subject: Re: Google is vulnerable from XSS attack I know I'm gonna kick myself in the morning for this but... N3td3v, http://dictionary.reference.com/search?q=Sarcasm Oh, I also hold an MCP and I am the winner of the coveted LSMFT - 3 years running! -j -----Original Message----- From: n3td3v [mailto:xploitable@...il.com] Sent: Wednesday, December 07, 2005 9:56 AM To: jpierini; full-disclosure@...ts.grok.org.uk Subject: Re: [Full-disclosure] Re: Google is vulnerable from XSS attack On 12/7/05, jpierini <jpierini@...mail.com> wrote: "I'm just a CISSP, and as discussed numerous times I'm without the elite mad skills of a hacker (XSS wasn't even on our test!)" You're not a professional then in my eyes and don't have a right to be even in this thread let alone go around wtih your CISSP title. "Why won't the hacking community give the vendors a reasonable amount of time to cover their asses" Because Google took less than 48-hours to fix a less severe XSS flaw the last time: http://www.zone-h.org/en/news/read/id=4439/ As a owner of a Google Group, I would personally like this patched for the security of my group and that of my personal computer and web browser. "the damage is done" Not yet, the longer Google leave it the more likely an attack on all groups could be carried out.
Powered by blists - more mailing lists