Full Disclosure: Re: Dark side of bookmarks

Re: Dark side of bookmarks

From: S/U/N <s.u.n () free Fr>
Date: Mon, 02 Nov 2009 16:19:14 +0100

Just READ the post
and find this page
http://translate.google.com/translate?u=http%3A%2F%2Fwebsecurity.com.ua%2F2454%2F&sl=uk&tl=en&hl=fr&ie=UTF-8

************************  Cluster #[[   Memisyazici, Aras   ]] possibly
emitted, @Time [[   02/11/2009 14:51   ]] The Following #String 
**********************

MustLive:

I really don't want to start a flame-war nor am I trying to belittle you or your work but...

Your "article", unless I misunderstood, is useless. To explain further, your article lacks substance. For instance 
you state: "could be used in DoS attack for browsers" yet you provide no working PoC/example(s)

What about mitigation? What about prevention?

No offense but scare-tactics don't help ANYBODY... As a sysadmin, I would've appreciated some more details or at 
least some answers to my questions above! :)

In any case, thank you for putting together such an entry and look forward to your continued, hopefully improved 
research results!

Sincerely,
Aras 'Russ' Memisyazici
Systems Administrator
Virginia Tech

----------------------------------------------------------------------

Date: Sat, 31 Oct 2009 23:24:50 +0200
From: "MustLive" <mustlive () websecurity com ua>
Subject: [Full-disclosure] Dark side of bookmarks
To: <full-disclosure () lists grok org uk>
Hello participants of Full-Disclosure!

After my articles about different attacks via redirectors - Redirectors: the
phantom menace (http://websecurity.com.ua/3495/) and Attacks via closed
redirectors (http://websecurity.com.ua/3531/), here is my new article. This
time about attacks via bookmarks. In article Dark side of bookmarks
(http://websecurity.com.ua/3643/) I'll tell you about risks of bookmarks in
browsers.

There are possible next attacks via bookmarks:

1. Spam.
2. Phishing.
3. Malware spreading.
4. DoS attacks.

You can read the article Dark side of bookmarks at my site:
http://websecurity.com.ua/3643/

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua

------------------------------

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

Dark side of bookmarks MustLive (Nov 01)
- <Possible follow-ups>
- Re: Dark side of bookmarks Memisyazici, Aras (Nov 02)
  - Re: Dark side of bookmarks S/U/N (Nov 02)
  - Re: Dark side of bookmarks MustLive (Nov 06)