Vulnerability Development mailing list archives
Re: /instmsg/alias/annoying_web_logs ;)
From: zeno <bugtraq () cgisecurity net>
Date: Tue, 15 Oct 2002 22:15:20 -0400 (EDT)
--=-B7AqP1iWfBBvKe0JfVO6 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Originally it is about an article from Immunity's website (http://www.immunitysec.com/dailydave/) -dave
Ah sorry I've never read your website. This is a known issue actually for people who pay attention To the weblogs. - zeno
On Tue, 2002-10-15 at 13:59, Elan Hasson wrote:What the hell is this thread about? =20 -----Original Message----- From: zeno [mailto:bugtraq () cgisecurity net] Sent: Tuesday, October 15, 2002 10:05 AM To: H D Moore Cc: Dave Aitel; dan () doxpara com; vuln-dev () securityfocus com Subject: Re: /instmsg/alias/annoying_web_logs ;) =20 =20I get billions of these things too, its part of some MSN groups/chat thing, essentially it takes requests the "alias" of the email address (dave () immunitysec com =3D> /instmsg/alias/dave). Might be fun to send b=ack=20 These things are damn annoying. I get probably 5 of these a day and 1 per=sonkeeps checking me every few hours. =20 =20some looooong responses ;) My favorites are all the ones that originate from microsoft "tide" addresses... They send me some funny referrers fr=omtheir intranet servers once in a while too.=20 Ha. =20 =20--- "Immunity also gets a lot of requests for /instmsg/alias/dave, which doesn't exist. I'm curious what web client plugin causes this behavior. And, I've noticed FrontPage makes PROPFIND, /_vti_bin/shtml.dll, and other FrontPage-style requests. Somewhere here I smell an exploitable client-side vulnerability." ---=20 =20 I'm curious do we know this is MSN messanger? Anybody else know if AIM or another client sends these requests? =20 - zeno =20 =20--=20 Dave Aitel <dave () immunitysec com> Immunity, Inc --=-B7AqP1iWfBBvKe0JfVO6 Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA9rMgzB8JNm+PA+iURAkazAKDnldsHKa+lJwho94L4ruj4Z7tYFgCgnfH5 5yvUOI5QULCUhH7UJiqibsw= =6xEz -----END PGP SIGNATURE----- --=-B7AqP1iWfBBvKe0JfVO6--
Current thread:
- Re: CROSS SITE-SCRIPTING Protection with PHP, (continued)
- Re: CROSS SITE-SCRIPTING Protection with PHP Dan Kaminsky (Oct 14)
- Hashes,File protection,etc Dave Aitel (Oct 14)
- Re: Hashes,File protection,etc Dan Kaminsky (Oct 14)
- Re: Hashes,File protection,etc Dave Aitel (Oct 14)
- /instmsg/alias/annoying_web_logs ;) H D Moore (Oct 15)
- Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 15)
- Re: /instmsg/alias/annoying_web_logs ;) Dave Aitel (Oct 15)
- Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 15)
- RE: /instmsg/alias/annoying_web_logs ;) Elan Hasson (Oct 15)
- RE: /instmsg/alias/annoying_web_logs ;) Dave Aitel (Oct 16)
- Re: /instmsg/alias/annoying_web_logs ;) zeno (Oct 16)
- Re: /instmsg/alias/annoying_web_logs ;) Chip McClure (Oct 15)
- RE: /instmsg/alias/annoying_web_logs ;) Shawn K. Hall (RA/Security) (Oct 20)
- Re: Hashes,File protection,etc Tony (Oct 15)
- Re: Hashes,File protection,etc Roland Postle (Oct 15)
- Re: Hashes,File protection,etc Valdis . Kletnieks (Oct 15)
- Re: Hashes,File protection,etc Roland Postle (Oct 16)
- Re: Hashes,File protection,etc Valdis . Kletnieks (Oct 16)
- Re: Hashes,File protection,etc Bob Mathews (Oct 16)
- Re: Hashes,File protection,etc Jose Nazario (Oct 15)
- Re: Hashes,File protection,etc Valdis . Kletnieks (Oct 15)