l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2003 Dec 11 20:50

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] New phishing vulnerability
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] New phishing vulnerability



On Thu, 2003-12-11 at 15:47, Larry Ozeran wrote:
> At 11:25 PM 12/9/03 -0600, you wrote:
> >> I use old browsers. MSIE 5.50 and Netscape 4.77 both work OK for me.
> >> (i.e. http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm
> >> displays on the address line for both)
> >
> <snip>
> 
> >On IE 5.0 on Windows, there was nothing after http://www.microsoft.com ...
> and actually, if I go into the URL bar on IE and type
> http://www.microsoft.com, I will see in the history, almost the same link I
> see in Mozilla, except with the %01 replaced by a box (standard unprintable
> character)
> 
> On IE 5.5 in Windows, I get the full address. Maybe MS fixed it in 5.5,
> then for some reason unfixed in 6.0?

You can't replicate the problem by just pasting the link above into your address
bar. You need to access the link from here:

http://www.zapthedingbat.com/security/ex01/vun1.htm

Press the "Test Exploit" button.


> _______________________________________________
> vox-tech mailing list
> vox-tech@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox-tech
-- 
R. Douglas Barbieri
doug@dooglio.net
http://www.dooglio.net

GPG Fingerprint : FE6A 6A57 2B95 7594 E534  BFEE 45F1 9E5E F30A 8A27
MIT.edu recv-key: C55B91D4
GPG Public key  : http://www.dooglio.net/dooglio.asc

Attachment: signature.asc
Description: This is a digitally signed message part



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.