| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20DE79EA3783484A94EF626CFBEB95B305DA7086CC@rivendell.cc.w2k.vt.edu> Date: Mon, 2 Nov 2009 08:51:32 -0500 From: "Memisyazici, Aras" <arasm@...edu> To: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Cc: MustLive <mustlive@...security.com.ua> Subject: Re: Dark side of bookmarks MustLive: I really don't want to start a flame-war nor am I trying to belittle you or your work but... Your "article", unless I misunderstood, is useless. To explain further, your article lacks substance. For instance you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s) What about mitigation? What about prevention? No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've appreciated some more details or at least some answers to my questions above! :) In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved research results! Sincerely, Aras 'Russ' Memisyazici Systems Administrator Virginia Tech ---------------------------------------------------------------------- Date: Sat, 31 Oct 2009 23:24:50 +0200 From: "MustLive" <mustlive@...security.com.ua> Subject: [Full-disclosure] Dark side of bookmarks To: <full-disclosure@...ts.grok.org.uk> Hello participants of Full-Disclosure! After my articles about different attacks via redirectors - Redirectors: the phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed redirectors (http://websecurity.com.ua/3531/), here is my new article. This time about attacks via bookmarks. In article Dark side of bookmarks (http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in browsers. There are possible next attacks via bookmarks: 1. Spam. 2. Phishing. 3. Malware spreading. 4. DoS attacks. You can read the article Dark side of bookmarks at my site: http://websecurity.com.ua/3643/ Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua ------------------------------ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists