Home  
Login
Username:

Password:

Remember me



Lost Password?

Register now!
Sections
Who's Online
65 user(s) are online (48 user(s) are browsing Forums)

Members: 0
Guests: 65

more...
Support us!
Recent OS4 Files
OS4Depot.net





Odyssey vulnerable to URL spoofing trick
Home away from home
Joined:
2007/5/19 13:23
From England
Posts: 3487
An article about the exploit is here:
http://www.theregister.co.uk/2015/05/ ... ri_address_spoofing_vuln/

And you can prove that Odyssey is vulnerable using this:
http://www.deusen.co.uk/items/iwhere.9500182225526788/
(Click on "Go", and you will see a fake Daily Mail URL in the address bar.)


In short: Odyssey's web engine needs updating to something recent.

   Report Go to top

Re: Odyssey vulnerable to URL spoofing trick
Just can't stay away
Joined:
2008/1/6 17:56
From Pennsylvania, USA
Posts: 1247
@ChrisH
If you click the link "Broadband routers: SOHOpeless and vendors don't care" on the article page, it becomes apparent that if your browser doesn't get you in trouble then your router will
However, that's no reason not to update the browser and get some protection.

   Report Go to top

Re: Odyssey vulnerable to URL spoofing trick
Just can't stay away
Joined:
2006/12/4 23:15
Posts: 1881
@ChrisH

No problem in AWeb

/me runs


   Report Go to top

Re: Odyssey vulnerable to URL spoofing trick
Amigans Defender
Joined:
2006/11/17 22:40
From England
Posts: 3171
@broadblues

Likewise fine in NetSurf

/hides

   Report Go to top

Re: Odyssey vulnerable to URL spoofing trick
Home away from home
Joined:
2007/5/19 13:23
From England
Posts: 3487
@Chris, @broadblues
You's guys aren't very helpful as neither of those browsers are based upon WebKit (which is used by Safari, the browser used for the URL spoofing trick).

edit: I'm sure that AWeb & NetSurf have lots of security vulnerabilities... if they were popular enough for anyone to look for them :) . Actually, isn't AWeb switching to the KHTML engine? Maybe someone is looking for vulnerabilites afterall!


Edited by ChrisH on 2015/5/22 16:41:33
   Report Go to top





[Advanced Search]


Powered by XOOPS 2.0 © 2001-2016 The XOOPS Project