I've read the article, but I still do not see where the severe redirection
vulnerability is. Is this not a feature of the neworder.box.sk web site to
allow anyone to be redirected to anypage they submit to redirect.php?
----- Original Message -----
From: "Aditya K Sood" <zeroknock () metaeye org>
To: <full-disclosure () lists grok org uk>
Sent: Wednesday, March 28, 2007 8:49 PM
Subject: [Full-disclosure] NewOrder.box.sk Inherits Severe
Previous Rootkit.com Vulnerability have been patched.
The neworder.box.sk is famous security website.It inherits very specific
redirection attacks. The domain forwarding or URL forwarding not only
directly possible through the website but can be called from third party
A very generic analysis have been undertaken based on search engine
specification.Look into the issues at:
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/