(old)Puppy Linux Discussion Forum

READ-ONLY Archive
https://oldforum.puppylinux.com/

Yahoo exploited read link

https://oldforum.puppylinux.com/viewtopic.php?t=82499

Page 1 of 1

Yahoo exploited read link

Posted: Sun 25 Nov 2012, 22:55
by nooby
http://www.wilderssecurity.com/showthre ... ost2148480
http://krebsonsecurity.com/2012/11/yaho ... tches-700/

[quote]A zero-day vulnerability in yahoo.com that lets attackers hijack Yahoo! email accounts and redirect users to malicious Web sites offers a fascinating glimpse into the underground market for large-scale exploits.

The exploit, being sold for $700 by an Egyptian hacker on an exclusive cybercrime forum, targets a “cross-site scripting

Posted: Mon 26 Nov 2012, 04:24
by Barkin
Supposedly the NoScript addon for FireFox offers protection against XSS attacks ... http://noscript.net/features#xss

Yahoo exploited read link

Posted: Mon 26 Nov 2012, 08:00
by Monsie
The thing is... there have been many vulnerabilities discovered involving cross-site scripting which have been fixed to date as explained here. So, I am thinking that this must be a new security risk that will have to be addressed. Unfortunately, it doesn't appear to be a "one size patch fixes all" kind of problem.

Monsie
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited