332 matches found
raq2.admin.exploit.txt
To replicate this bug you must have Site Administrator access to one of the accounts on the server. When you go into the Site Management for a site and select the User Management option, you get a list of the usernames that have been setup for that account. The green pencil edit icon is a command...
hotmail.passwd.trap.txt
Date: Fri, 23 Apr 1999 13:55:24 -0500 From: David L. Nicol To: [email protected] Subject: javascript hotmail password trap Hello, I was informed this morning that a free form data mailer I maintain http://www.tipjar.com/generic.html was being involved in a javascript-based hotmail password...
netscape.4.51.url.sniffing.txt
Date: Thu, 25 Mar 1999 20:07:52 +0200 From: Georgi Guninski To: [email protected] Subject: Netscape Communicator 4.51 allows sniffing of URLs from another window There is a bug in Netscape Communicator 4.51,4.5/Win95, 4.08/WinNT probably others?, which allows sniffing URLs from another window...
hotmail-javascript-8-98.txt
Date: Mon, 24 Aug 1998 14:21:56 -0600 From: Tom Cervenka Subject: Serious Security Hole in Hotmail We have just found a serious security hole in Microsoft's Hotmail service http://www.hotmail.com which allows malicious users to easily steal the passwords of Hotmail users. The exploit involves...
netscape4.5-read-dir.txt
---------------------------------------------------------------- Date: Mon, 23 Nov 1998 10:36:40 PST From: Georgi Guninski To: [email protected] Subject: Netscape Communicator 4.5 can read local files There is a bug in Netscape Communicator 4.5 for Windows 95 and 4.05 for WinNT 4.0 probably...
netscape.4.x-javascript.txt
Date: Wed, 28 Oct 1998 10:22:02 PST From: Georgi Guninski Subject: Javascript bug in Netscape Communicator 4.5 There is a bug in Netscape Communicator 4.5, 4.07, 3.04 under Windows 95 probably others which allows reading user's cache the urls the user has visited, including the info in GET forms...
msie4.01-window-spoof.txt
Guninski's IE 4 window spoofing. http://www.geocities.com/ResearchTriangle/1711/read4.html There is a bug in Internet Explorer 4.01 patched which allows "window spoofing". The problem is: if you add '%01someURL' after the URL, IE thinks that the document is loaded from the domain of 'someURL'. Th...
msie.5.0.javascript.dos.txt
Date: Mon, 31 May 1999 16:18:02 GMT From: THR - To: [email protected] Subject: Exploit in Internet Explorer 5.0 Hi everyone! I have found a bug which will freeze Internet Explorer 5.0 I know that there are many bugs that will crasch browsers but what makes this one special is the following: In...
ebayla.txt
http://www.because-we-can.com/ebayla/ THE EBAYLA BUG AND HOW TO PROTECT YOURSELF This page describes a security problem that Blue Adept discovered with eBay's on-line auctions on March 31, 1999 realaudio interview. The security hole allows eBay users to easily steal the passwords of other eBay...
ie4.clipboard.txt
Date: Mon, 22 Feb 1999 23:39:07 +0100 From: Juan Carlos Garcia Cuartango To: [email protected] Subject: New IE4 vulnerability : the clipboard again. Greetings, I have discovered another IE 4 clipboard vulnerability. The clipboard content can be made public by a very simple javascri...
msie4.x-readfile.txt
Guninski's IE 4 file reading bug. http://www.geocities.com/ResearchTriangle/1711/read3.html There is a bug in Internet Explorer 4.x patched which allows reading local files and sending them to an arbitrary server. The problem is: if you add '%01someURL' after the URL, IE thinks that the document ...
browser.forkbomb.txt
Jim Paris http://home.jtan.com/jim/bugs/both/fork.html Repeated Browser Spawning New browser windows can be opened automatically with Javascript's window.open command. This page simply spawns a neverending supply of windows. This is similar to the Unix "while1fork;" attack. Any browser that...