Re: Microsoft ISA Server HTTP error handler XSS (TL#007)

From: http-equivat_private
Date: Sat Jul 19 2003 - 07:07:37 PDT

Next message: pupet cahyo: "Simpnews include file Vulnerability"

Previous message: Bahaa Naamneh: "Buffer overflow in MSN Messenger 6.0"
Maybe in reply to: Thor Larholm: "Microsoft ISA Server HTTP error handler XSS (TL#007)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> 
> <A href="http://%09%09%09%09%09%09%09 
> 09www.malware.com">http://www.microsoft.com> 

The following will represent a true status and a false destination:


<A href="http://www.microsoft.com%09%09%09@%09%09%09%09%09%09 
09www.malware.com">http://www.microsoft.com>



-- 
http://www.malware.com

Next message: pupet cahyo: "Simpnews include file Vulnerability"
Previous message: Bahaa Naamneh: "Buffer overflow in MSN Messenger 6.0"
Maybe in reply to: Thor Larholm: "Microsoft ISA Server HTTP error handler XSS (TL#007)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Jul 19 2003 - 11:50:17 PDT