lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: thor at pivx.com (Thor Larholm)
Subject: Re: New Web Vulnerability - Cross-Site Tracing

> From: "H D Moore" <sflist@...italoffense.net>
> Although its definately an interesting way to compromise client-side
> headers, the root is the vulnerability is the XMLHTTP component's ability
> to act like a HTTP proxy. Client-side scripting components should only be
> allowed to interact with the site which served them up, otherwise you
> open a huge can of worms, where XSS and user-credential theft are only
> the squishy little ones on top.

Isn't it great then to realize that XMLHTTP, in fact, can only interact with
the site which served them - exactly as you desire?

The proxy features and XSS to arbitrary foreign sites examples that are
demonstrated in this 'whitepaper' are merely demonstrations of already
publicly known unpatched vulnerabilities in IE. They have nothing to do with
any of the findings presented.

http://jscript.dk/2003/1/sec/xst-reply.txt


Regards
Thor Larholm
PivX Solutions, LLC - Senior Security Researcher

Latest PivX research: Multi-vendor Game Server DDoS Vulnerability
http://www.pivx.com/press_releases/mk_mk001.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ