lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 27 Jan 2004 17:27:21 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <bugtraq@...urityfocus.com>
Cc: <NTBugtraq@...tserv.ntbugtraq.com>
Subject: GOOROO CROSSING: File Spoofing Internet Explorer 6




Tuesday, January 27, 2004 

Trivial file spoofing in Internet Explorer 6.0.2800.1106 and all 
of 'its' patches to date on WIN XP [probably others]:

Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-
11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"

Absolute bare minimum working demo [perhaps even feeble] as we 
are absolutely confident the self-appointed resident gooroo will 
be along shortly handing out packets of two cents to everyone 
thus saving us the effort to illustrate in even greater detail 
to those lacking imagination:


http://www.malware.com/gooroo.html



End Call

-- 
http://www.malware.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ