Copyright © 2001,2002 eyeonsecurity Inc., All Rights Reserved. No portions of eyeonsecurity may be used without express, written permission

Are you vulnerable to Flash XSS attacks?

List of services
   MSN Groups - advisory
   DeviantArt (description) (works when HTML code is enabled - description)
   The Cloak (description)
   Anonymizer (description - note: they might have fixed it)

List of software
   YaBB (description)
   IkonBoard (description)
   Invision Board (discovered by Matt Murphy - post in EoS Forums)

What is a Flash XSS Attack?
Recommended reading: Bypassing JavaScript Filters – the Flash! Attack
Short description: Using Flash (SWF) files to launch a cross-site scripting attack. This hole is found in a good number of well-known web services, including MSN and YaBB, and in a good number of other sites which allow Flash content.

Contributing to the above list
If you want to report software or a service which is vulnerable to Flash XSS attacks you may:
      o Send us a comment (fill in the form on the left)
      o Send an e-mail to
      o Submit to the forum

Please note that EyeonSecurity will always give credit to the original poster unless the poster writes that he/she wants to remain anonymous.

If you're in the list...
Good reading:
Using AllowScriptAccess to control outbound scripting from Macromedia Flash - (Thanks to Bertrand Saint-Guillain for this pointer)
Macromedia Flash Player Cross Server Scripting Security Issue