[LUAU] Non-IE bug?
Rodney Kanno
pepe65 at hawaii.rr.com
Tue Feb 8 16:22:22 PST 2005
You can find instructions for a "temporary" fix here:
http://users.tns.net/~skingery/weblog/2005/02/permanent-fix-for-shmoo-group-exploit.html
Rodney
pnakashi at k12.hi.us wrote:
>This scares me. What are the chances of this being fixed anytime soon?
>--Peter
>
>A new phishing/scam threat using International Domain Names (IDN) can be
>used to steal your identity and money.
>See following for details:
>http://www.infoworld.com/article/05/02/08/HNdomainnamethreat_1.html
>
>Go to following for a demo of this phishing attack and description:
>http://www.shmoo.com/idn
>Click on the links for www.paypal.com, you will get a bogus site with the
>word "meeow" which could be made to look like the real site to steal your
>information. Both the regular html and SSL (https) links can be forged.
>
>Currently, this exploit affects only non-Microsoft IE browsers. Since IE
>has not yet implemented IDN in it's browser it is not vulnerable.
>
>_______________________________________________
>LUAU at lists.hosef.org mailing list
>http://lists.hosef.org/cgi-bin/mailman/listinfo/luau
>
>
>
More information about the LUAU
mailing list