|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [Full-disclosure] Mac OSX 10.4 Dashboard Authentication Hijacking Vulnerability
From: ZATAZ.net (exploits
zataz.net)
Date: Thu May 19 2005 - 01:41:41 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello,
http://stephan.com/widgets/zaptastic/
Regards.
Le 19 mai 05 à 08:36, ph0enix a écrit :
>> Date: May 19, 2005
>> Description: OSX 10.4 Dashboard Permits Hijacking of Authenticated
>> Credentials
>
> This issue is known since 2005-05-09 and OSVDB had an entry already:
> http://www.osvdb.org/16499
>
>> Versions Affected:
>> OSX 10.4.0
>> OSX 10.4.1
>
> 10.4.1 doesn't seem to be vulnerable. Could you please show how do
> you exploit this when the option in Safari is turned on?
>
>
> www.osvdb.org -- everything is vulnerable.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
Cordialement
-----------------------------------------------------
Eric Romang / ZATAZ Production
Co-fondateur de ZATAZ
eromangzataz.net
www.zataz.com / www.zataz.net
GSM : +352 091 600 404
B.P. 311
59474 Seclin Cedex
France
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]