Google Chrome Break
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Google Chrome Break
- From: Liu Die Yu <liudieyu.com@xxxxxxxxx>
- Date: Tue, 11 Nov 2008 16:34:29 +0800
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:content-type :content-transfer-encoding; bh=/DV5O0g4O6J055EAT16ZnbkbfYkxZbO8ixEmU5wXzAA=; b=m6l5XJIwWKpTgAJY5ry1xOm5LpiyiDGSAEdiJby9ySoq0Sma/cvL7cX4gU1ILpSfw9 slIdRQIZVPvgixpvCCuMPaAdmxSJYoXwaWq8Hx8Wo5yqvtPFpaxtzwOn5y0PXxocU5Lz rZJMXHDyIfj+J/l16mkcI+mAZFMO/yRpLT0XE=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject :content-type:content-transfer-encoding; b=GVpTSjBybX8vRIvFMj81Dgv3uMcGLCSJzgqBr32VgrZIy6aBSScOcyGpddUQ/vDtpU LdfPB8zo1oGz7FdPzfQQr6GptCeqraCJf9rGGUq8EYvMXuS5LeM2QSe01RTLznfF7seJ YF72BlyaN6VlneRBJR9Y8k+rPigTrHp872eiw=
- List-help: <mailto:bugtraq-help@securityfocus.com>
- List-id: <bugtraq.list-id.securityfocus.com>
- List-post: <mailto:bugtraq@securityfocus.com>
- List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
- List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
- Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
- User-agent: Thunderbird 2.0.0.14 (Windows/20080421)
Address spoofing. Already patched. It's in the news last month.
Just a reminder, XCON'08 is coming in a week - check http://xcon.xfocus.org/
greetz to drewcopley, drorshalev, zwell, liuyuer, lqa21, and, of course
all@topsec
----------
http://liudieyu.com/kissofthedragon.32168816196486005/
To be viewed with Google Chrome
Last tested
Wednesday, October 29, 2008 at 9:53:18 AM (time zone: UTC/GMT +8 hours)
Up-to-date Google Chrome (version: 0.2.149.30)
Contents
Address spoofing.
1. Address is displayed "bbb.org".
2. Contents are not from bbb.org(contents are manipulated).
http://twitter.com/liudieyu
Google Chrome is still "virgin" - Right now only had a bunch of D.o.S,
and, a buffer overrun if user saves the attacker's webpage.