lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <42812951.90804@designtoscano.com>
Date: Tue May 10 22:36:35 2005
From: benv at designtoscano.com (Ben Vaisvil)
Subject: Firefox & Mozilla  Advisory

Your guess is probably correct - and The Register reports about the same:

http://www.theregister.co.uk/2005/05/09/google_dns_glitch/

Todd Towles wrote:
> I was just taking a guess at what could have happened. But it sounds
> like it would work. You buy www.google.com.net and then you wait for
> their DNS to mess up and you get thousands and thousands of hits to your
> spyware site. Possible Passive Pharming attack?
> 
> Anyone know for sure what happen? 
> 
> 
>>-----Original Message-----
>>From: full-disclosure-bounces@...ts.grok.org.uk 
>>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf 
>>Of Ben Vaisvil
>>Sent: Tuesday, May 10, 2005 3:07 PM
>>To: full-disclosure@...ts.grok.org.uk
>>Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
>>
>>Engadget.com was claiming (incorrectly) that google got 
>>hacked 
>>http://64.233.167.104/search?q=cache:aAAhpPYRP5cJ:www.engadget
>>.com/entry/1234000610042620/+engadget+google+hacked&hl=en
>>
>>Didn't take long for baseless speculation!
>>
>>Todd Towles wrote:
>>
>>>Well, the patch the mozilla server was modified to fix the 
>>
>>issue. Paul 
>>
>>>told everyone the whole story about it on here yesterday. I heard 
>>>about this on the weekend.
>>>
>>>I am surprised no one has talked about the Google DNS issue. Users 
>>>were tricked into going to SoGoSearch.com because of IE's 
>>
>>great domain 
>>
>>>search function. When IE can't find a site, it starts to 
>>
>>search. Well, 
>>
>>>SoGoSearch.com owns www.google.com.net, and therefore that is why 
>>>people were getting spyware/adware junk.
>>>
>>> 
>>>
>>>
>>>
>>>>-----Original Message-----
>>>>From: full-disclosure-bounces@...ts.grok.org.uk
>>>>[mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf Of 
>>>>Morning Wood
>>>>Sent: Tuesday, May 10, 2005 1:21 PM
>>>>To: P Ellison; full-disclosure@...ts.grok.org.uk
>>>>Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
>>>>
>>>>wtf???  - - - - this HAS BEEN PATCHED
>>>>
>>>>no "heads-up" needed ( you missed the boat by a week )
>>>>
>>>>BUT THANKS FOR PLAYING!
>>>>
>>>>
>>>>----- Original Message -----
>>>>From: "P Ellison" <peter.jfactu@...nternet.com>
>>>>To: <full-disclosure@...ts.grok.org.uk>
>>>>Sent: Tuesday, May 10, 2005 9:21 AM
>>>>Subject: [Full-disclosure] Firefox & Mozilla Advisory
>>>>
>>>>_______________________________________________
>>>>Full-Disclosure - We believe in it.
>>>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>>Hosted and sponsored by Secunia - http://secunia.com/
>>>>
>>>
>>>_______________________________________________
>>>Full-Disclosure - We believe in it.
>>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>>Hosted and sponsored by Secunia - http://secunia.com/
>>
>>_______________________________________________
>>Full-Disclosure - We believe in it.
>>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>>Hosted and sponsored by Secunia - http://secunia.com/
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ