Internet Explorer URL Display problem
Chris Yuzik
chris at FRACTALWEB.COM
Wed Dec 10 20:10:09 GMT 2003
> On Wednesday 10 December 2003 7:46 pm, Antony wrote:
> Note by the way that the original notification referred to the %01 being
> *after* the @ sign, not before it (before too many people go off and
> concoct various pattern matches for the wrong pattern!)
I believe the *after* is a typo on the vulnerability proof of concept
page. If you click the link or view the html source you'll note that the
link goes to:
http://www.microsoft.com%01@zapthedingbat.com/security/ex01/vun2.htm
If you try it *after* the @ then it doesn't work at all.
http://www.microsoft.com@%01zapthedingbat.com/security/ex01/vun2.htm
Cheers,
Chris
More information about the MailScanner
mailing list