lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date: Wed, 26 Jan 2011 15:17:32 +0200
From: Yigit Turgut <y.turgut@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: www.google.com xss vulnerability Using mhtml

I woudn't like to discourage ppl submitting vulns to vendors but this is the
response you'll most likely to get from those kind of vendors no matter what
you found in their system. I had more than a dozen similar experience like
yours. Now it's public + fixed and you gotta get nothing beside these
replies (:



> Message: 10
> Date: Wed, 26 Jan 2011 01:33:16 -0800
> From: IEhrepus <5up3rh3i@...il.com>
> Subject: [Full-disclosure] www.google.com xss vulnerability Using
>        mhtml
> To: full-disclosure@...ts.grok.org.uk
> Cc: sird@...c.at
> Message-ID:
>        <AANLkTinF+XiCfVrw86cm-m0uHW_o0xzK1XfHFwTNR1PF@...l.gmail.com<AANLkTinF%2BXiCfVrw86cm-m0uHW_o0xzK1XfHFwTNR1PF@...l.gmail.com>
> >
> Content-Type: text/plain; charset=UTF-8
>
> Long, long time ago, we heard an interesting legend is www.google.com
> will Pay for its vulnerability,so we want to try ...
>
> lucky,A vulnerability has been caught by my friend
> PZ[http://hi.baidu.com/p__z], this vul is base on ?Hacking with mhtml
> protocol handler?[
> http://www.80vul.com/mhtml/Hacking%20with%20mhtml%20protocol%20handler.txt
> ]:
>
> mhtml:http://www.google.com/gwt/n?u=[mhtml file url]!xxxx
>
> we are very happy,so we post it to security@...gle.com for the legend
> :)[2011/01/23].We got a reply soon [2011/01/24]:
>
> ---------------------------------------------------
> Hi Pavel,
>
> Nice catch! I?ve filed a bug internally and will keep you in the loop
> as things progress.
>
> Regards,
> xxx- Google Security Team
> --------------------------------------------------
>
> but .....
>
> -------------------------------------------------
> Hi Pavel,
>
> The panel has determined this doesn't qualify for a reward for 2 reasons:
>
> 1) A very close variant was publicly disclosed on 21 Jan:
> http://www.wooyun.org/bugs/wooyun-2010-01199
> 2) Technically, it's not a bug in Google, it's really a big in IE.
>
> Cheers,
> xxx, Google Security Team
> -----------------------------------------------
>
> and Today we test the vul again ,it has been fixed .[2011/01/26]
>
> Thus, we understand the unspoken rules of this, This is a football
> game, the vulnerability is the ball , MS and GG are the players
>
>
> ----by superhei from http://www.80vul.com
>
>
>
>
> hitest
>

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ