Full Disclosure mailing list archives
Re: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer
From: Valdis.Kletnieks () vt edu
Date: Mon, 09 Feb 2004 16:22:14 -0500
On Mon, 09 Feb 2004 20:23:07 GMT, first last <randnut () hotmail com> said:
This is OLD news. Where have you been? It's been used for as long as LoadLibrary has existed by programs monitoring other programs. There are dozens of other ways of reading data from another program before and after data is encrypted/decrypted. I could write a dozen similar advisories and post them here and to BugTraq but I won't because they're OLD news.
We need somebody to volunteer to keep an "old news" webpage with all this stuff listed,and put the URL in the monthly charter posting. Then when people post old rediscovered stuff, we can just say 'RTFM' ;) Has anybody noticed a rise/drop in re-reports of old IE bugs since Thor took his 'known unpatched vulns' page down?
Attachment:
_bin
Description:
Current thread:
- Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer first last (Feb 09)
- Re: Re: Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer Valdis . Kletnieks (Feb 09)
- <Possible follow-ups>
- Round One: "DLL Proxy" Attack Easily Hijacks SSL From Internet Explorer Disclosure From OSSI (Feb 09)