[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]

To: xchat-discuss@nl.linux.org
Subject: Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
From: Decklin Foster <decklin@red-bean.com>
Date: Fri, 18 Aug 2000 23:51:01 -0400
In-Reply-To: <Pine.LNX.4.10.10008191322240.376-100000@cel1.localdomain>; from zed@linuxpower.org on Sat, Aug 19, 2000 at 01:23:18PM +1000
List: xchat-discuss
Organization: Imperial Mica Board
References: <20000818133956.D1948@linuxpower.org> <Pine.LNX.4.10.10008191322240.376-100000@cel1.localdomain>
Reply-To: xchat-discuss@nl.linux.org
Sender: owner-xchat-discuss@nl.linux.org
User-Agent: Mutt/1.2.5i

Peter writes:

> Yeah saw it too, pretty pissweak "vulnerabilty" :) Though I guess we can
> filter out the ` character (or escape it? \` ?)

We should get & while we're at it. http://foo/bar?baz=1&quux=2 not
working is annoying.

-- 
There is no TRUTH. There is no REALITY. There is no CONSISTENCY. There
are no ABSOLUTE STATEMENTS. I'm very probably wrong. -- BSD fortune(6)
-
XChat-discuss: mailing list for XChat users
Archive:       http://mail.nl.linux.org/lists/
Posted By:     Decklin Foster <decklin@red-bean.com>

Follow-Ups:
- Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
  - From: Peter <zed@linuxpower.org>

References:
- [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
  - From: Adam Langley <agl@linuxpower.org>
- Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
  - From: Peter <zed@linuxpower.org>
- Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
  - From: Peter <zed@linuxpower.org>

Prev by Date: Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
Next by Date: Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
Prev by thread: Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
Next by thread: Re: [zenith_parsec@THE-ASTRONAUT.COM: XChat URL handler vulnerabilty]
Index(es):
- Date
- Thread