lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3FD66545.5080005@mail.telepac.pt>
Date: Wed, 10 Dec 2003 00:13:57 +0000
From: Pedro Castro <noupy@...l.telepac.pt>
To: bugtraq@...urityfocus.com
Subject: Re: Internet Explorer URL parsing vulnerability


It does also apply to Mozilla Firebird 0.7.



John W. Noerenberg II wrote:

> This exploit also applies to the Macintosh version of Explorer 
> v5.2.3(5815.1)
>
>> From: <bugtraq@...thedingbat.com>
>> To: bugtraq@...urityfocus.com
>> Subject: Internet Explorer URL parsing vulnerability
>>
>>
>>
>> Internet Explorer URL parsing vulnerability
>> Vendor Notified 09 December, 2003
>>
>> # Vulnerability ##########
>> There is a flaw in the way that Internet Explorer displays URLs in 
>> the address bar.
>>
>> By opening a specially crafted URL an attacker can open a page that 
>> appears to be from a different domain from the current location.
>>
>> # Exploit ##########
>> By opening a window using the http://user@...ain nomenclature an 
>> attacker can hide the real location of the page by including a 0x01 
>> character after the "@" character.
>> Internet Explorer doesn't display the rest of the URL making the page 
>> appear to be at a different domain.
>>
>> # POC ##########
>> http://www.zapthedingbat.com/security/ex01/vun1.htm
>>
>> # Tested ##########
>> Internet Explorer
>> Version 6.0.2800.1106C0
>> Updates: SP1, Q810847, Q810351, Q822925, Q330994, Q828750, Q824145
>>
>> # Credit ##########
>> Zap The Dingbat
>> http://www.zapthedingbat.com/
>
>



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ