| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Aug 2006 11:29:05 +0100 From: "pdp (architect)" <pdp.gnucitizen@...glemail.com> To: "Thierry Zoller" <Thierry@...ler.lu> Cc: full-disclosure@...ts.grok.org.uk, pen-test@...urityfocus.com, bugtraq@...urityfocus.com, webappsec@...urityfocus.com Subject: Re: Attacking the local LAN via XSS ;) absolutely no worries mate, maybe I wasn't clear enough... I was referring to home routers. In general I am talking about devices that have http or https communication channels. This is because of JavaScript's limitations. Although, by using Java you can do all sorts of other stuff. regards BTW, there are quite a lot cisco devices that have http open on local LAN vulnerable to IOS HTTP Authorization Vulnerability. It has been always a matter of security vs. accessibility. This is way weak On 8/4/06, Thierry Zoller <Thierry@...ler.lu> wrote: > Dear pdp (architect), > > pa> xecuted of the border router domain > I'd like to see a "border router" serving images on port 80 ??? > Doesn't make sense, really ;) No pun intented. > > -- > http://secdev.zoller.lu > Thierry Zoller > Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 > > -- pdp (architect) http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists