[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] NewOrder.box.sk Inherits Severe Redirection Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] NewOrder.box.sk Inherits Severe Redirection Vulnerability
From: Aditya K Sood <zeroknock@xxxxxxxxxxx>
Date: Wed, 28 Mar 2007 23:19:25 +0530

Hi

Previous Rootkit.com Vulnerability have been patched.
The neworder.box.sk is famous security website.It inherits very specific 
redirection attacks. The domain forwarding or URL forwarding not only 
directly possible through the website but can be called from third party 
directly.

A very generic analysis have been undertaken based on search engine
specification.Look into the issues at:

http://zeroknock.blogspot.com/2007/03/neworderboxsk-inherits-severe.html
http://zeroknock.metaeye.org/analysis/neworder_red.xhtml

Regards
Zeroknock
http://zeroknock.metaeye.org/mlabs

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
  - From: Nikolay Kichukov

Prev by Date: [Full-disclosure] [Full-Disclosure] Another XSS vulnerability in italian Libero.it
Next by Date: [Full-disclosure] [SECURITY] [DSA 1270-2] New OpenOffice.org packages fix several vulnerabilities
Previous by thread: [Full-disclosure] [Full-Disclosure] Another XSS vulnerability in italian Libero.it
Next by thread: Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
Index(es):
- Date
- Thread