| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CACRQBjAyQg=jr5ogwGxq0EPMy0Z06Bu9c1=Po_XYDhKFOwwXMw@mail.gmail.com> Date: Sun, 10 Jul 2011 15:34:42 +0200 From: Mango <h@...r.se> To: full-disclosure@...ts.grok.org.uk Subject: phpMyAdmin 3.x preg_replace RCE POC Last night I spent some time editing the css according to Tweedledoh recomendations. It's now a 12pt Verdana, sans-serif font. And I changed the green color to a better brighter yellowish kind of green. I often feel that a black background saves my eyes when reading in the middle of the night. I thought my audience deserver some kindness for once... /Mango 2011/7/10 <nix@...roxylists.com>: >> Your loss... >> >> But what do you suggest I'd change it to? >> > > Since you have black background, I would make text in white and increase > the font size to 12px. I don't know is it just me but after I've coded > then hours just like i did before i visited your site. My eyes almost > started to hurt due to it was too hard to read. > > Im quite confident many other would like that fix too allthough they did > not complained. Thanks. > >> /Mango >> >> 2011/7/9 <nix@...roxylists.com>: >>>> I'm flooded with requests for a POC and many doubt that these >>>> vulnerabilities are exploitable. And since this vulnerability is >>>> rather technically interesting I believe many could learn from it. >>>> >>>> http://ha.xxor.se/2011/07/phpmyadmin-3x-pregreplace-rce-poc.html >>>> >>> >>> Could you fix that font on your site? Very small light green font on >>> black >>> background. It's horrible. I did not even bothered to read it in full >>> due >>> to that. >>> >>>> _______________________________________________ >>>> Full-Disclosure - We believe in it. >>>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html >>>> Hosted and sponsored by Secunia - http://secunia.com/ >>>> >>> >>> >>> >> > > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists