|
|
BugTraq
Konqueror: URL address bar spoofing vulnerabilities Aug 06 2007 09:44PM Robert Swiecki (jagger swiecki net) (2 replies) Re: Konqueror: URL address bar spoofing vulnerabilities Aug 06 2007 11:29PM paraw (paraw yahoo it) (1 replies) Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Aug 07 2007 05:13AM Robert Swiecki (jagger swiecki net) (1 replies) Re: [Full-disclosure] Konqueror: URL address bar spoofing vulnerabilities Aug 07 2007 08:58PM Patrick Nagel (mail patrick-nagel net) Re: Konqueror: URL address bar spoofingvulnerabilities Aug 06 2007 10:37PM Jonathan Smith (smithj rpath com) (1 replies) |
|
Privacy Statement |
Hash: SHA1
Jonathan Smith wrote:
> Robert Swiecki wrote:
> > The second one is based on the http URI scheme which allows embedding
>> user/password parameters into it, i.e. http://user:password (at) domain (dot) com. [email concealed]
>> Such parameters can contain whitespaces, so the attack vector is quite
>> obvious.
>
>> http://alt.swiecki.net/konq3.html
>
> This does interesting things to firefox as well. Specifically, it hangs
> seemingly indefinably (with no cpu utilization). Tested with firefox-2.0.0.6 on
> Foresight Linux (firefox=/foresight.rpath.org@fl:1-devel//1/2.0.0.6-1-1).
er, spoke too soon. It actually just presents a dialog box that doesn't let you
choose an option (to continue logging in or not). What I was seeing was firefox
not letting me do anything until I chose one of the non-existent options.
Killing the dialog box makes the firefox session resume normally. Apparently
this dialog-issue was fixed in trunk (for 3.x) but not in 2.x.
Thanks to Adam Guthrie from Mozilla for helping figure that one out.
smithj
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.4 (GNU/Linux)
iD8DBQFGt6/X0e1Yawpq2XMRAghuAKC7QJIkAoJmueJOU1u6DOzFCJOf9ACgyhrk
A77j6xRZJwyhh99rreUnOLo=
=aBJN
-----END PGP SIGNATURE-----
[ reply ]