lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <002c01c6c50d$d232d030$0400a8c0@pc4>
Date: Mon, 21 Aug 2006 13:37:35 +0300
From: "Valery Marchuk" <tecklord@...ocom.cv.ua>
To: <full-disclosure@...ts.grok.org.uk>
Subject: XSS at eEye.com #2 (evidence of existence)

Hi all!

According to this blog eEye (Ross Brown) denies existence of XSS Vulnerability at their web site.

http://www.stillsecureafteralltheseyears.com/ashimmy/2006/08/make_sure_the_s.html

 

Well, what else we can expect from the security company, which cannot protect its own web site?

As an evidence of vulnerability, I've published another XSS bug in my blog. 

Just follow the link in the blog and then press the "Back" button.

 

http://www.securitylab.ru/blog/tecklord/209.php



Have a nice day

Valery

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ