Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

Re: Interesting
From: Rafael Coninck Teigao <rafael () SafeCore NET>
Date: Fri, 28 Feb 2003 14:38:35 -0300
"http-equiv () excite com" wrote:


xx.x.xx.xx - - [26/Feb/2003:02:36:41 -0500] "GET /html.exe.zip
HTTP/1.1" 200 2245 "-" "Mozilla/5.0 (LINUX; means; Linux Is Not UniX;
<script>alert('XSS@'+document.URL)</script>; +++ath0)"


    I remember that a long time ago some modem vendors that didn't want to pay a patent fee or
something had removed the following \n (or \r) from their at commands. With this it was possible to
send +++ath0 in a specially crafted packet through, for instance, IRC and have the person on the
other end disconnected. It was similar to this IIRC.
    Most vendors fixed that, though.

    []'s,
    Rafael Coninck Teigao
    SafeCore Network Solutions
    http://SafeCore.NET


--
------------------------------------------------------------------------
The Lord is my shepherd I shall not want
        (Psalms 23)
Der Herr ist mein Hirte Mir wird nichts mangeln
        (Psalm 23)
O Senhor é o meu pastor; nada me faltará.
        (Salmo 23)
------------------------------------------------------------------------




----------------------------------------------------------------------------

<Pre>Lose another weekend managing your IDS?
Take back your personal time.
15-day free trial of StillSecure Border Guard.</Pre>
<A href="http://www.securityfocus.com/stillsecure";> http://www.securityfocus.com/stillsecure </A>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]