Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Dark side of bookmarks
From: "Memisyazici, Aras" <arasm () vt edu>
Date: Mon, 2 Nov 2009 08:51:32 -0500


I really don't want to start a flame-war nor am I trying to belittle you or your work but...

Your "article", unless I misunderstood, is useless. To explain further, your article lacks substance. For instance you 
state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)

What about mitigation? What about prevention?

No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've appreciated some more details or at least 
some answers to my questions above! :)

In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved 
research results!

Aras 'Russ' Memisyazici
Systems Administrator
Virginia Tech


Date: Sat, 31 Oct 2009 23:24:50 +0200
From: "MustLive" <mustlive () websecurity com ua>
Subject: [Full-disclosure] Dark side of bookmarks
To: <full-disclosure () lists grok org uk>
Hello participants of Full-Disclosure!

After my articles about different attacks via redirectors - Redirectors: the
phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
redirectors (http://websecurity.com.ua/3531/), here is my new article. This
time about attacks via bookmarks. In article Dark side of bookmarks
(http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in

There are possible next attacks via bookmarks:

1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.

You can read the article Dark side of bookmarks at my site:

Best wishes & regards,
Administrator of Websecurity web site


Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]