-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 26 Sep 2002 15:51:47 -0400 (EDT) Troy Ablan <bugtraqat_private> wrote: > Question 1: Is there a way a web page can add a buddy to your AIM list > without your knowledge? With "aim:" identifier, they can theoretically add a new buddy to your list. Though they have to 'trick' you into clicking the "AIM Link". ex. aim:addbuddy?screenname=FOO&group=BAR > Question 2: How was I prevented from viewing the source of the HTML page > in IE? You should always be able to view source. Perhaps not through the menu's, but prepend the URL with "view-source:" and you'll have no problems. eg. "view-source:http://www.foo-bar.com/" > I wgetted the psecure20x-cgi-install.version6.01.bin.hx.com file as well > for anyone who wants to look at it, just in case the above link does not > work any more. > > > -- BEGIN SOURCE -- > > <html><head><title>Browser Plugin Requried</title><meta > http-equiv="refresh" content="1; > url=psecure20x-cgi-install.version6.01.bin.hx.com"></head><body><h1>Browser > Plugin Required:</h1><br>You may need to restart your browser for changes > to take affect.<br>Security Certificate by <a > href="http://www.verisign.com">Verisign</a> 2002.<br>MD5: > 9DD756AC-80E057FC-E00703A2-F801F2E3<br><br>Click <a > href="psecure20x-cgi-install.version6.01.bin.hx.com">HERE</a> and choose > "Run" to install.</body></html> > > -- END SOURCE -- What would be more interesting is to find out what the ".com" file's source is. The above just tells me that after 1 second, it sends a refresh to the file in question and through some sort of social engineering (I suppose you could say) tactics, tries to get the user to run it. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9lEUXUanLvazj+VgRAnp3AJ9IZDZ6zKpxg8yAQ58M4ZrEGLM/RQCfSUmX d/bqTFdBjRPOhxowYhg8p8A= =/x1t -----END PGP SIGNATURE----- ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Fri Sep 27 2002 - 15:37:34 PDT