WebApp Sec mailing list archives
Re: [Full-disclosure] Attacking the local LAN via XSS
From: "pdp (architect)" <pdp.gnucitizen () googlemail com>
Date: Fri, 4 Aug 2006 11:29:05 +0100
;) absolutely no worries mate, maybe I wasn't clear enough... I was referring to home routers. In general I am talking about devices that have http or https communication channels. This is because of JavaScript's limitations. Although, by using Java you can do all sorts of other stuff. regards BTW, there are quite a lot cisco devices that have http open on local LAN vulnerable to IOS HTTP Authorization Vulnerability. It has been always a matter of security vs. accessibility. This is way weak On 8/4/06, Thierry Zoller <Thierry () zoller lu> wrote:
Dear pdp (architect), pa> xecuted of the border router domain I'd like to see a "border router" serving images on port 80 ??? Doesn't make sense, really ;) No pun intented. -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7
-- pdp (architect) http://www.gnucitizen.org ------------------------------------------------------------------------- Sponsored by: WatchfireDo you test web applications for XSS, SQL Injections, Buffer Overflows, Logical issues and other web application security threats? Why not automate this work with Watchfire's AppScan, the world's leading automated web application scanner. Download AppScan today!
https://www.watchfire.com/securearea/appscancamp.aspx?id=701300000008BP9 --------------------------------------------------------------------------
Current thread:
- Attacking the local LAN via XSS pdp (architect) (Aug 03)
- Re: [Full-disclosure] Attacking the local LAN via XSS Schanulleke (Aug 04)
- Message not available
- Re: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re[2]: [Full-disclosure] Attacking the local LAN via XSS Thierry Zoller (Aug 04)
- Re: Re[2]: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)
- Re: [Full-disclosure] Attacking the local LAN via XSS Nikolay Kubarelov (Aug 07)
- Re: [Full-disclosure] Attacking the local LAN via XSS Dude VanWinkle (Aug 08)
- Re: [Full-disclosure] Attacking the local LAN via XSS pdp (architect) (Aug 04)