lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Fri, 3 Aug 2007 10:00:48 -0700
From: "insist kool" <insistkool@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Yahoo url redirection flaw

Hi all,
Yahoo URL redirection flaw.


http://us.ard.yahoo.com/SIG=12hl6h3k3/M=572922.10815137.11567452.4937104/D=mail/S=150500152:MNW/Y=YAHOO/EXP=1186165822/A=4706278/R=1/SIG=12hiicv0n/*http://www.google.com/

Aditya K Sood has reported an extrememly similar bug two months ago (
http://archives.neohapsis.com/archives/fulldisclosure/2007-06/0438.html),
this is nothing new but still worthwhile to be aware.

Enjoy!

insistkool

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ