[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Firefox & Mozilla Advisory

To: Todd Towles <toddtowles@xxxxxxxxxxxxxxx>, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
From: Ben Vaisvil <benv@xxxxxxxxxxxxxxxxx>
Date: Tue, 10 May 2005 16:36:17 -0500

Your guess is probably correct - and The Register reports about the same:

http://www.theregister.co.uk/2005/05/09/google_dns_glitch/

Todd Towles wrote:

I was just taking a guess at what could have happened. But it sounds
like it would work. You buy www.google.com.net and then you wait for
their DNS to mess up and you get thousands and thousands of hits to your
spyware site. Possible Passive Pharming attack?
Anyone know for sure what happen?
-----Original Message----- From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Ben Vaisvil Sent: Tuesday, May 10, 2005 3:07 PM To: full-disclosure@xxxxxxxxxxxxxxxxx Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory

Engadget.com was claiming (incorrectly) that google got hacked http://64.233.167.104/search?q=cache:aAAhpPYRP5cJ:www.engadget .com/entry/1234000610042620/+engadget+google+hacked&hl=en
Didn't take long for baseless speculation!
Todd Towles wrote:
Well, the patch the mozilla server was modified to fix the
issue. Paul

told everyone the whole story about it on here yesterday. I heard about this on the weekend.

I am surprised no one has talked about the Google DNS issue. Users were tricked into going to SoGoSearch.com because of IE's
great domain

search function. When IE can't find a site, it starts to
search. Well,
SoGoSearch.com owns www.google.com.net, and therefore that is why people were getting spyware/adware junk.
-----Original Message----- From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx [mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Morning Wood Sent: Tuesday, May 10, 2005 1:21 PM To: P Ellison; full-disclosure@xxxxxxxxxxxxxxxxx Subject: Re: [Full-disclosure] Firefox & Mozilla Advisory
wtf???  - - - - this HAS BEEN PATCHED
no "heads-up" needed ( you missed the boat by a week )
BUT THANKS FOR PLAYING!
----- Original Message -----
From: "P Ellison" <peter.jfactu@xxxxxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Tuesday, May 10, 2005 9:21 AM
Subject: [Full-disclosure] Firefox & Mozilla Advisory
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- RE: [Full-disclosure] Firefox & Mozilla Advisory
  - From: Todd Towles

Prev by Date: RE: [Full-disclosure] Firefox & Mozilla Advisory
Next by Date: [Full-disclosure] ThinkSECURE's AIRRAID - A WIRELESS HACKING TOURNAMENT - AUG 2005, SINGAPORE
Previous by thread: RE: [Full-disclosure] Firefox & Mozilla Advisory
Next by thread: [Full-disclosure] Crash in Zoidcom 1.0 beta 4
Index(es):
- Date
- Thread