[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[WEB SECURITY] XSS at Netcraft.com

From: "Valery Marchuk" <tecklord@xxxxxxxxxxxxx>
Subject: [WEB SECURITY] XSS at Netcraft.com
Date: Thu, 3 Aug 2006 00:22:19 +0300

------=_NextPart_000_0166_01C6B692.E17B9150
Content-Type: text/plain;
	charset="koi8-r"
Content-Transfer-Encoding: quoted-printable

Hi All!

This time XSS vulnerability at Netcraft. Hope this company will act a =
bit=20
sooner than others.


Example of vulnerability is as usually in my blog at=20
http://www.securitylab.ru/blog/tecklord/?category=3D19



All the XSS vulnerabilities, published there since Monday this week are=20
still not fixed. So, there are in the list of companies, who do not care =

much about their own security and security of their customers:


PayPall

Netscape

Digg

Google

Netcraft


I wish all these companies luck in fixing vulnerabilities at their web=20
sites.


Have a nice day

Valery
------=_NextPart_000_0166_01C6B692.E17B9150
Content-Type: text/html;
	charset="koi8-r"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dkoi8-r">
<META content=3D"MSHTML 6.00.3790.2706" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT size=3D2><FONT size=3D3>Hi All!<BR><BR>This time XSS =
vulnerability at=20
Netcraft. Hope this company will act a bit <BR>sooner than=20
others.<BR><BR><BR>Example of vulnerability is as usually in my blog at=20
<BR></FONT><A =
href=3D"http://www.securitylab.ru/blog/tecklord/?category=3D19";><FONT=20
size=3D3>http://www.securitylab.ru/blog/tecklord/?category=3D19</FONT></A=
><BR><BR><BR><BR></FONT><FONT=20
size=3D3>All the XSS vulnerabilities, published there since Monday this =
week are=20
<BR>still not fixed. So, there are in the list of companies, who do not =
care=20
<BR>much about their own security and security of their=20
customers:<BR><BR><BR>PayPall<BR><BR>Netscape<BR><BR>Digg<BR><BR>Google<B=
R><BR>Netcraft<BR><BR><BR>I=20
wish all these companies luck in fixing vulnerabilities at their web=20
<BR>sites.<BR><BR><BR>Have a nice =
day<BR><BR>Valery</FONT></DIV></BODY></HTML>

------=_NextPart_000_0166_01C6B692.E17B9150--

Prev by Date: Re: [WEB SECURITY] JavaScript Malware, port scanning, and beyond
Next by Date: Re: [WEB SECURITY] JavaScript Malware, port scanning, and beyond
Previous by thread: [WEB SECURITY] [Administrative] List slow down
Next by thread: Re: [WEB SECURITY] Detecting, Analyzing, and Exploiting Intranet Applications using JavaScript
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org