lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Jun 15 04:51:23 2006 From: waldoalvarez00 at gmail.com (wac) Subject: Vunerability in yahoo webmail. Hi folks: Can I get this file somewhere else? Like a web site or something. This gmail thing detects it as a virus. I doub't yahoo will let it pass still, that's wht i don;t ask anyne to send it to me ;). I wonder who asked to have an stupid scanner in the e-mail that you can't disable. I don't even have one on my computer!!! Anyway I understand I'm not common kind of people ;). Thanx in advance. Waldo On 6/12/06, David Loyall <david.loyall@...il.com> wrote: > > Hello, all. > > I just received an email with an html attachment, on a yahoo account. > > When I opened the mail, yahoo automatically displayed the html, and > executed the code within. What the hell. =) It forwarded the message to my > contacts list, (or some other set of addresses, dunno,) and redirected my > browser to a website. > > I'm of to a BBQ, and I don't care about yahoo. So I'm not even going to > read the code and see how this happens. I'm attaching the html file as a > text file. Enjoy! > > Oh, I've CC'd abuse@...oo.com, but if someone else would give them a > proper write-up, and encourage them to close the hole, that'd be wonderful. > > Cheers, > --David Loyall > Omaha, Nebraska > David Loyall <http://david.loyall.googlepages.com> > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060614/f9d027d8/attachment.html
Powered by blists - more mailing lists