And Now... Another URI Exploit?

Grok Headline matches for And Now... Another URI Exploit?

[Exploit]: DameWare Mini Remote Control
Server Overflow Exploit

[Exploit]: DameWare Mini Remote Control
Server Overflow Exploit 12/19/2003 06:25 PM
Adik (Dec 19 2003)

[Exploit]: Microsoft FPSE fp30reg.dll
Overflow Remote Exploit (MS03-051)

[Exploit]: Microsoft FPSE fp30reg.dll
Overflow Remote Exploit (MS03-051) 11/15/2003 02:20 PM
Adik (Nov 14 2003)

Exploit: AIM Exploit (Ignore Previous
Post)

Exploit: AIM Exploit (Ignore Previous
Post) 09/02/2004 12:07 PM
John Bissell (Sep 01 2004)

Even More Ways To Exploit The URL
Handler Exploit

Even More Ways To Exploit The URL
Handler Exploit 05/21/2004 11:34 AM

802.11b DoS exploit

802.11b DoS exploit 03/13/2003 10:22 AM
Mark Osborne (Mar 11 2003)

PHP-Post Exploit

PHP-Post Exploit 03/19/2005 03:10 AM
Terencentanio Enache (Mar 18 2005)

eZ remote exploit

eZ remote exploit 12/17/2003 02:31 PM
Iván Rodriguez Almuiña (Dec 17 2003)

IE Spoof Exploit

IE Spoof Exploit 12/29/2003 11:48 PM

New, sneaky, evil PayPal spoof: Here's a good example of an email scam made possible by the IE URL spoofing hole that remains unpatched.

Click here to comment on this entry

A new security exploit?

A new security exploit? 12/12/2003 08:08 AM

Don Park: "It's like discovering that everything you designed was built on a gigantic turtle that just woke up."

As Don recommends, I did a View Source. This is what the URL looks like. With a quick glance it looks like it's from Microsoft, but you're actually viewing a page at zapthedingbat.com. This isn't entirely new. I'm not sure what the %01 is about. I guess it's a problem if it's the action attribute of a form element, where you can't see the URL. Takeaway: look in the Address part of the browser window when you're typing into a form and if it's the wrong place, hit the Back button and resume your life.

"curly"

EXPLOIT libpng

EXPLOIT libpng 08/11/2004 01:59 PM
infamous41md_at_hotpop.com (Aug 09 2004)

Gmail Exploit, Say it Ain't So!

Gmail Exploit, Say it Ain't So! 01/07/2005 02:06 AM
What many have titled to be the king of Web based E-mail has a security problem. This one seems to be a security flaw when it comes to special characters in the E-mail address….

Direct and Related Links for 'Gmail Exploit, Say it Ain’t So!'

Serv-U exploit

Serv-U exploit 01/01/2005 04:54 AM
Berend-Jan Wever (Jan 30 2004)

Are We Just an IE Exploit Blog Now?

Are We Just an IE Exploit Blog Now? 07/13/2004 05:16 PM

Faced with yet another round of IE exploits, people are starting to move to other browsers. For the first time ever, IE has lost market share, down 1% in the past month.

"It's the first time that we've seen a sustained trend downward for them," said Geoff Johnston, an analyst with WebSideStory. "We have a very steady trend. It's been about a month, and every day we have a steady incremental change."

Internet Explorer has held more than 95 percent of the browser market since June 2002, and until June had remained steady with about 95.7 percent of the browser market, according to WebSideStory's measurements. Over the last month, however, its market share has slowly dropped from 95.73 percent on June 4 to 94.73 percent on July 6.

CNet wonders if this is truly a trend. I think that once people give Mozilla SpaceYak a try, they'll be unlikely to switch back.

Via ArsTechnic a.

Click here to comment on this entry

utilman.exe exploit

utilman.exe exploit 07/17/2004 04:09 PM
Iván Rodriguez Almuiña (Jul 17 2004)

Doom 3 Exploit

Doom 3 Exploit 08/06/2004 04:42 PM

Example of JPG Exploit & Shellcode

Example of JPG Exploit & Shellcode 09/23/2004 07:34 PM
javier falbo (Sep 22 2004)

First Ever GSM Cellphone Exploit

First Ever GSM Cellphone Exploit 04/21/2004 08:55 AM

phpbb 2.0.13 Exploit (bug)

phpbb 2.0.13 Exploit (bug) 03/25/2005 02:56 PM
tOnk3r (Mar 25 2005)

Another Zero-Day IE Scripting Exploit

Another Zero-Day IE Scripting Exploit 06/09/2004 12:43 PM

Centra 7 XSS Exploit

Centra 7 XSS Exploit 04/12/2005 08:24 PM
Posted by Clorox, Apr 12 2005

Another Hashing Exploit

Another Hashing Exploit 06/17/2005 03:45 PM

Trust no one:

Cryptographers have found a way to snip a digital signature from one document and attach it to a fraudulent document without invalidating the signature and giving the fraud away.

The development means that attackers could potentially forge legal documents, load certified software with bogus code, or turn a digitally-signed letter of recommendation into one that authorises access to private information.

"It's not the end of the world yet, but we need to stop using MD-5 and SHA-1 before it is," notes Dan Kaminsky, an independent security consultant based in Seattle, Washington, US.

Via New Scientist.

...::: hotforum.nl XSS exploit :::...

...::: hotforum.nl XSS exploit :::... 03/14/2005 04:37 PM
Rebyte Security (Mar 12 2005)

IIS, IE exploit unleashed

IIS, IE exploit unleashed 06/25/2004 12:11 PM
A possible "zero-day" IIS exploit combined with a vulnerability in IE6 is resulting in PCs which visit compromised sites being infected with malware. The code consists of JavaScript appended to image files downloaded from compromised IIS servers.

Local PoC exploit for Unace v2.2

Local PoC exploit for Unace v2.2 11/11/2003 05:36 PM
demz (Nov 10 2003)

NIPrint remote exploit

NIPrint remote exploit 11/04/2003 12:13 PM
Crazy Einstein (Nov 04 2003)

surfboard1.1.6 local exploit.

surfboard1.1.6 local exploit. 05/12/2004 03:39 PM
Anonymous (May 11 2004)

Re: surfboard1.1.6 local exploit.

Re: surfboard1.1.6 local exploit. 05/13/2004 01:47 PM
Meredydd (May 13 2004)

New Internet Explorer exploit

New Internet Explorer exploit 06/29/2004 06:44 PM
Browser hijackers continue to be on the rise. The latest is a toolbar called ILookup. This hijacker works quickly to install unwanted software that changes the user’s homepage in addition to creating pornographic pop-up ads on the infected computer. Initially, it must have simply appeared to be “just another piece of spyware” to contend with. A Dutch security researcher read about this browser hijacker from an email he had received and decided to poke around a little to see what made it tick. As it turns out, it takes advantage of a previously unknown exploit from within Internet Explorer (Ya, there is shock). Understandably, Microsoft is quite upset about the use of this exploit. Stephen Toulouse, security program manager for Microsoft, referred to ILookup’s tactics as a criminal act. Now, I understand why Microsoft would get so angry about someone making use of Internet Explorer’s shortcomings, but it would be a lot more convincing if we began to see them actually do something to redo IE rather than simply making “quick fixes” with these patches that they keep offering through the Windows Update website. Hint, hint Microsoft.

New IE Exploit Spoofs Web Sites

New IE Exploit Spoofs Web Sites 12/19/2004 03:02 PM
Updated: Security researchers have uncovered a spoofing flaw in Internet Explorer that could allow a scammer to display a fake Web site with all of the attributes of a genuine, secure site.

Re: XFree86 vulnerability exploit

Re: XFree86 vulnerability exploit 02/13/2004 07:47 PM
Adam Langley (Feb 13 2004)

NEW GDI+ JPEG Remote Exploit

NEW GDI+ JPEG Remote Exploit 09/25/2004 02:13 AM
John Bissell (Sep 22 2004)

Re: Mkdir exploit for PDP-11 doesn't
work

Re: Mkdir exploit for PDP-11 doesn't
work 06/14/2004 02:50 PM
Denis Solaro (Jun 12 2004)

Remote exploit in Gallery 1.3.1, 1.3.2,
1.3.3, 1.4 and 1.4.1

Remote exploit in Gallery 1.3.1, 1.3.2,
1.3.3, 1.4 and 1.4.1 01/27/2004 07:34 PM
Bharat Mediratta (Jan 27 2004)

Re: clamav 0.65 remote DOS exploit

Re: clamav 0.65 remote DOS exploit 02/10/2004 02:57 AM
Mark Renouf (Feb 09 2004)

XFree86 vulnerability exploit

XFree86 vulnerability exploit 02/11/2004 05:45 PM
Bender (Feb 11 2004)

Critical Exploit Found in AIM

Critical Exploit Found in AIM 08/10/2004 04:58 AM

Mitnick to exploit hackers for $500 a
pop

Mitnick to exploit hackers for $500 a
pop 12/31/2003 03:46 PM
Fame and glory awaits

MS04-007 Exploit released

MS04-007 Exploit released 02/16/2004 04:01 PM

Microsoft Jet (msjet40.dll) Exploit

Microsoft Jet (msjet40.dll) Exploit 04/11/2005 08:25 PM
Posted by Stuart Pearson, Apr 11 2005
Grok Description matches for And Now... Another URI Exploit?
GrokA matches for And Now... Another URI Exploit?

And Now... Another URI Exploit?

The following phrases have been identified by the grok system as matching this entry: