| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun May 7 16:27:15 2006 From: naveedafzal at gmail.com (naveed) Subject: Re: IE7 Zero Day oops....and we have seen a dumb cunt is trying to advertise a 0-day on this free list, which is not meant to be used for such kind of purposes. i bet you have not posted your ad here if FD would have charged you some $$ you might be a hax0r since you have discovered a vulnerability but you are more stupid than all of us since you cannot read a very simple charter http://lists.grok.org.uk/full-disclosure-charter.html On 5/6/06, 0x80@...h.ai <0x80@...h.ai> wrote: > So now that you are done wasting my time and bullshitting for info. > > What do you think? What context does IE run in? Sure, this gives > admin rights... if the user running IE has admin rights... > > But I shouldn't have to tell you that. BTW, I CCed the FD list so > others can see yet another dumb cunt trying to get info with no > cash and no intent to buy. > > > > On Fri, 05 May 2006 19:23:05 -0700 Simon Smith <simon@...soft.com> > wrote: > >Very interesting, > > But, my buyer is looking for exploits which yeild remote > >administrative access to the targeted systems. Do either of these > >do this? > > > >0x80@...h.ai wrote: > >> OK. > >> > >> There are two issues with IE 7. The first issue is also found > >in > >> IE 6 but in IE 6 I believe it is not exploitable (seems to be a > >> null pointer). > >> > >> Issue 1 - IE 6.0 Crash. IE 7 (all ver) remote code execution. > >> Lets call this one a malformed file type that IE considers safe. > >> > >> Issue 2 - IE 7.0 Information Stealing. Target visits malicious > >web > >> site and contents of all tabbed pages, including related cookies > > > > >> and cache information, can be yanked. Perhaps we can coin this > >one > >> to be Cross Tab Scripting but no user interaction is required. > >> > >> Consider this exploit scenario: User is doing online banking in > > > > >> one tab. User is checking gmail in another. User opens third > >tab > >> and visits malicious web site. I now have a copy of all data > >from > >> the first two tabs. > >> > >> My current high bid is $12,500.00 2% of any profits made by the > >use > >> of the exploit although I suspect that sort of thing would be > >tough > >> to audit. > >> > >> On Fri, 05 May 2006 15:30:17 -0700 Simon Smith > ><simon@...soft.com> > >> wrote: > >> > >>> Well, > >>> My buyers require temporary exclusivity during the > >>> vetting/validation process and permanent exclusivity and > >secrecy > >>> if they > >>> purchase the tool. If they do not purchase the tool, the the > >tool > >>> is > >>> yours. My buyers will also most probably out bid your buyers by > > >a > >>> significant amount. What is your current highest bid? Describe > >>> this > >>> exploit to me at a very high level without giving away any > >>> technical > >>> details. > >>> > >>> > >>> -Simon > >>> > >>> > >>> > >>> BullGuard Anti-virus has scanned this e-mail and found it > >clean. > >>> Try BullGuard for free: www.bullguard.com > >>> > >> > >> > >> > >> Concerned about your privacy? Instantly send FREE secure email, > >no account required > >> http://www.hushmail.com/send?l=480 > >> > >> Get the best prices on SSL certificates from Hushmail > >> https://www.hushssl.com?l=485 > >> > >> > > > > > > > > > >BullGuard Anti-virus has scanned this e-mail and found it clean. > >Try BullGuard for free: www.bullguard.com > > > > Concerned about your privacy? Instantly send FREE secure email, no account > required > http://www.hushmail.com/send?l=480 > > Get the best prices on SSL certificates from Hushmail > https://www.hushssl.com?l=485 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists