Full Disclosure mailing list archives

RE: Re: morning_wood should stop posting xss

From: "Richard M. Smith" <rms () computerbytesman com>
Date: Thu, 24 Jul 2003 14:54:10 -0400

I thought the XSS bug in the HP 4550 remote administration interface
that morning found was pretty cool.  His HP advisory was just published
on Bugtraq also.

Of course, not all XSS bugs are created equal.  Can anything interesting
be done with the XSS bug at morning's site?

Richard 

-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure-admin () lists netsys com] On Behalf Of Jennifer
Bradley
Sent: Thursday, July 24, 2003 1:48 PM
To: full-disclosure () lists netsys com
Subject: Re: Re: [Full-disclosure] morning_wood should stop posting xss


The whole point, you moron, is that you are trying to gain credibility
as a security researcher.  If your own web site has a so-called XSS
security hole that you love to post about, then you look like an
idiot.  People, glass houses, stones, yada yada.

On Thu, 24 Jul 2003 03:35:47 -0700 morning_wood
(se_cur_ity () hotmail com) wrote:

 my site is my site, why are you telling me to "fix" it? I knew it's
404 has xss before any of you did.
Whats the big deal what my site has or hasnt... hmm? If you dont like
my stuff, dont read it,
my name is on every one of my posts.. every hear of filter? I dont
read several advisories here based on title alone.. am i missing out?
mby, mby not.. are you? XSS is a seecurity issue plain and simple, and
"my site" can have or have not whatever i please, i suggest not
visiting then, hell .. why are you even bothering to visit if you dont
like.. "all you do is lame xss" ???  a job... ROFL  stfu  .. mmmmkay

morning_wood

  ----- Original Message -----
  From: Faulty
  To: full-disclosure () lists netsys com
  Sent: Thursday, July 24, 2003 2:30 AM
  Subject: [Full-disclosure] morning_wood should stop posting xss
vulns in sites and fix his own site.


  morning_wood what is it with you and xss no one cares. Don't you
think you shoudl fix your own xss vulns in your site
http://lists.netsys.com/pipermail/full-disclosure/2003-July/011565.htm
l
  before you accuse other people of being dumb for having the vulns.
Mabee you want to fix your site but you can't ? cuz you have no skillz
  here is a tip - GIVE UP GET A JOB AT BURGER KING.


----------------------------------------------------------------------
--------
  Want to chat instantly with your online friends? Get the FREE Yahoo!
Messenger


_______________________________________________________________________
LOOK GOOD, FEEL GOOD - WWW.HEALTHIEST.CO.ZA

Cool Connection, Cool Price, Internet Access for R59 monthly @ WebMail
http://www.webmail.co.za/dialup/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Re: Re: morning_wood should stop posting xss Jennifer Bradley (Jul 24)
- Re: Re: morning_wood should stop posting xss morning_wood (Jul 24)
- RE: Re: morning_wood should stop posting xss Richard M. Smith (Jul 24)
- RE: Re: morning_wood should stop posting xss Rick patel (Jul 24)
- morning_wood. Larry W. Cashdollar (Jul 25)
  - Re: morning_wood. Michael Renzmann (Jul 25)
- Re: Re: morning_wood should stop posting xss misiu_ (Jul 28)
  - Re: morning_wood should stop posting xss Michael Renzmann (Jul 28)
- <Possible follow-ups>
- RE: Re: morning_wood should stop posting xss Myers, Marvin (Jul 24)
  - Re: Re: morning_wood should stop posting xss Knud Erik Højgaard (Jul 24)
- RE: Re: morning_wood should stop posting xss Altheide, Cory B. (Jul 24)
  - Re: Re: morning_wood should stop posting xss Jeremiah Cornelius (Jul 24)
  - Re: morning_wood should stop posting xss Valdis . Kletnieks (Jul 24)

(Thread continues...)