cross-site to root scripting papers

From: Ben Greenberg (benfallout2at_private)
Date: Fri Jun 27 2003 - 09:36:33 PDT

Next message: ndat_private: "gera's encoder"

Previous message: Martin Mačok: "Radware Linkproof: SSH port DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi bugtraq.

Does anyone know or have any links pertaining to getting root or more 
privellaged access from a cross-site scripting vulnerability,  I always have 
thought that people underestimate cross site scripting vulnerabilties.  All 
I know about so far is that <iframe> can be used to get some protected 
files, and that java servlets can be used to exploits these cross site 
scripting vulnerabilities, but thats about all.

Thanks for the help

Urthogie

_________________________________________________________________
Add photos to your e-mail with MSN 8. Get 2 months FREE*.  
http://join.msn.com/?page=features/featuredemail

Next message: ndat_private: "gera's encoder"
Previous message: Martin Mačok: "Radware Linkproof: SSH port DoS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Jun 27 2003 - 09:47:20 PDT