|
Full Disclosure
mailing list archives
Re: Vulnerable Vectors in PHP Based Redirection Pages[redirect.php4/redirect.php5]
From: Aditya K Sood <zeroknock () metaeye org>
Date: Tue, 03 Apr 2007 19:08:23 +0530
Justin Klein Keane wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I hate to add noise to the wire but this 'vulnerability' has nothing to
do with PHP. This is a run of the mill exploitation of poorly designed
software (i.e. trusting user input) that is endemic on the web, but
isn't connected to any particular language or technology.
Justin C. Klein Keane
a.k.a. Mad Irish
http://www.madirish.net
Aditya K Sood wrote:
Hi
The PHP based redirection pages inherits a design flaw in
websites.
This makes it vulnerable to phishing attacks.Look into desired issue at:
http://zeroknock.blogspot.com/2007/04/vulnerable-vectors-in-php-based.html
http://zeroknock.metaeye.org/analysis/
Regards
Zeroknock
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (MingW32)
iD8DBQFGEkoxR4a3EW2yjlQRAh3SAJ4v8n15+T+DwTHTp6Bh4fXoYZaCLQCeLj9M
WYiGyrg+jHbOzXeQiIRvOaA=
=f5L3
-----END PGP SIGNATURE-----
Well i would like to say only this , the vulnerability overall comes in
this way
"susceptibility to degradation or damage from adverse factors or influences"
Thats all
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
 By Date 
By Thread
Current thread:
| 
Intro
