Full Disclosure: Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability

From: ph0enix <ph0enix () justonemorething org>
Date: Thu, 19 May 2005 08:53:03 +0200

http://stephan.com/widgets/zaptastic/

well, I know this already and maybe I wasn't clear in my last mail:How do you exploit this under 10.4.1 when the option in Safari isturned on, because Jonathan Zdziarski described 10.4.1 as vulnerable?



www.osvdb.org -- everything is vulnerable.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability, (continued)
- Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ph0enix (May 18)
  - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ZATAZ.net (May 18)
    - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ph0enix (May 18)
    - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Daniel (May 19)
    - Content detection in html payload with snort ? Frederic Charpentier (May 19)
    - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Jonathan Zdziarski (May 19)
  - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability Jonathan Zdziarski (May 19)
    - Re: Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability ph0enix (May 19)