<div>Symantec is report the same flaw</div>
<div> </div>
<div><a href="http://www.symantec.com/enterprise/security_response/weblog/2006/10/host_overflow_application_exce.html">http://www.symantec.com/enterprise/security_response/weblog/2006/10/host_overflow_application_exce.html
</a><br><br> </div>
<div><span class="gmail_quote">On 10/8/06, <b class="gmail_sendername">Peter Dawson</b> <<a href="mailto:slash.pd@gmail.com">slash.pd@gmail.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div> Host Overflow Application eXception vulnerability is in the wild – any blog that supports RSS and MetaWeblogAPI can be h4x0red. </div>
<div> </div>
<div>We don't have confirmed vectors yet for this incident <br><br> </div>
<div><span class="e" id="q_10e2a7fcfc9a1d93_1">
<div><span class="gmail_quote">On 10/8/06, <b class="gmail_sendername">Mike McMan</b> <<a onclick="return top.js.OpenExtLink(window,event,this)" href="mailto:mikemcman2033@hotmail.com" target="_blank">mikemcman2033@hotmail.com
</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">Looks like there was a bug in blogger that let someone make a fake post on<br>the official Google blog.<br>
<br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://googleblog.blogspot.com/2006/10/about-that-fake-post.html" target="_blank">http://googleblog.blogspot.com/2006/10/about-that-fake-post.html</a><br>
<a onclick="return top.js.OpenExtLink(window,event,this)" href="http://www.techcrunch.com/2006/10/07/strange-things-afoot-at-the-google-blog/" target="_blank">http://www.techcrunch.com/2006/10/07/strange-things-afoot-at-the-google-blog/
</a><br><br>Anyone have any details on the bug?<br><br>_________________________________________________________________<br>Be seen and heard with Windows Live Messenger and Microsoft LifeCams <br><a onclick="return top.js.OpenExtLink(window,event,this)" href="http://clk.atdmt.com/MSN/go/msnnkwme0020000001msn/direct/01/?href=http://www.microsoft.com/hardware/digitalcommunication/default.mspx?locale=en-us&source=hmtagline" target="_blank">
http://clk.atdmt.com/MSN/go/msnnkwme0020000001msn/direct/01/?href=http://www.microsoft.com/hardware/digitalcommunication/default.mspx?locale=en-us&source=hmtagline </a><br><br>_______________________________________________
<br>Full-Disclosure - We believe in it.<br>Charter: <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://lists.grok.org.uk/full-disclosure-charter.html" target="_blank">http://lists.grok.org.uk/full-disclosure-charter.html
</a><br>Hosted and sponsored by Secunia - <a onclick="return top.js.OpenExtLink(window,event,this)" href="http://secunia.com/" target="_blank">http://secunia.com/</a><br></blockquote></div><br></span></div></blockquote></div>
<br><br clear="all"><br>-- <br><a href="http://peterdawson.typepad.com">http://peterdawson.typepad.com</a><br>PeterDawson Home of ThoughtFlickr's <br>"This message is printed on Recycled Electrons."