| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3a166c090603231601q6a6d97c2j60d54f3c39c9248f@mail.gmail.com> Date: Fri Mar 24 00:01:27 2006 From: n3td3v at gmail.com (n3td3v) Subject: Phun! Search Lol, and even with your idea, that would open up a great Yahoo phishing vector. You mean "anyone" can edit a legitimate Yahoo webpage with the name "n3td3v" on it and have it cached on Yahoo servers. I believe thats called "DEFACEMENT" of a corporate webpage. Even with your idea, thats still headline news. Now wheres Robert Lemos and Joris Evers, or are they too scared to mention the 'n3td3v' alias on public news sites, yes they are. On 3/23/06, n3td3v <n3td3v@...il.com> wrote: > > The document is cached on Yahoo Slurp, you explain that, smart guy ;-) > > On 3/23/06, Bernhard Mueller <research@...-consult.com> wrote: > > > > Hello, > > > There's no need at all to cache anything at all. > > Sorry to tell you, but there is no vulnerability involved here > > -- > Bernhard > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060324/d497e3e3/attachment.html
Powered by blists - more mailing lists