|Copyright © 2001,2002 eyeonsecurity
Inc., All Rights Reserved. No portions of eyeonsecurity
may be used without express, written permission
A previously unpublished way to inject CSS (Cross site scripting)
attack on Web Applications which allow Flash content. Many sites
may currently be vulnerable to this kind of attack.
HTML Form Attack
A new Cross Site Scripting attack which effects
(at least) major browsers Internet Explorer and Opera. This one
makes use of forms targeted at non-HTTP services.
Microsoft Passport Account Hijack
An analysis of the Microsoft Passport, describing a Cross Site Scripting
attack, and how it may allow malicious users to jump from one service
to another using other user's credentials.
When your server ends
up a Warez site
A paper describing ftp scans by warez dealers, methods and trends
in the community.
An analysis of JB's Anti-GRC
A study of an IRC worm which uses an exploit in Internet Explorer.
Describes how the virus writer chose to launch a DDoS through this