PDA

View Full Version : NoScript blocks ANOTHER type of exploit


davidh
March 12th, 2009, 03:24 AM
Browser plug-ins, transparent proxies and same origin policies
Published: 2009-03-10,
Last Updated: 2009-03-10 13:37:41 UTC
by Swa Frantzen (Version: 1)

Last month CERT released a not much published about vulnerability note, that by now still lists many vendors as unknown, but is starting to collect a number of vulnerable ones as well.

Robert sent us a pointer to a paper titled "Socket Capable Browser Plugins Result In Transparent Proxy Abuse".
http://isc.sans.org/diary.html?storyid=5989&rss
DH