|
Full Disclosure
mailing list archives
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: "ZATAZ.net" <exploits () zataz net>
Date: Thu, 19 May 2005 08:41:41 +0200
Hello,
http://stephan.com/widgets/zaptastic/
Regards.
Le 19 mai 05 à 08:36, ph0enix a écrit :
Date: May 19, 2005
Description: OSX 10.4 Dashboard Permits Hijacking of Authenticated
Credentials
This issue is known since 2005-05-09 and OSVDB had an entry already:
http://www.osvdb.org/16499
Versions Affected:
OSX 10.4.0
OSX 10.4.1
10.4.1 doesn't seem to be vulnerable. Could you please show how do
you exploit this when the option in Safari is turned on?
www.osvdb.org -- everything is vulnerable.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Cordialement
-----------------------------------------------------
Eric Romang / ZATAZ Production
Co-fondateur de ZATAZ
eromang () zataz net
www.zataz.com / www.zataz.net
GSM : +352 091 600 404
B.P. 311
59474 Seclin Cedex
France
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
- Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability, (continued)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ph0enix (May 18)
- Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ZATAZ.net (May 18)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Jonathan Zdziarski (May 19)
Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Jonathan Zdziarski (May 19)
| 
Intro
