Message-ID: <20041101171714.616DB15F502@mail.ngssoftware.com>
Date: Mon, 1 Nov 2004 17:36:50 -0000
From: "Gunter Ollmann" <gunter@...software.com>
To: <bugtraq@...urityfocus.com>
Subject: New Whitepaper - "Second-order Code Injection Attacks"


Hi list,

NGS Software is pleased to make available a new whitepaper about
second-order code injection attacks.

Abstract:
"Many forms of code injection targeted at web-based applications (for
instance cross-site scripting and SQL injection) rely upon the instantaneous
execution of the embedded code to carry out the attack (e.g. stealing a
user's current session information or executing a modified SQL query).  In
some cases it may be possible for an attacker to inject their malicious code
into a data storage area that may be executed at a later date or time.
Depending upon the nature of the application and the way the malicious data
is stored or rendered, the attacker may be able to conduct a second-order
code injection attack.

A second-order code injection attack can be classified as the process in
which malicious code is injected into a web-based application and not
immediately executed, but instead is stored by the application (e.g.
temporarily cached, logged, stored in a database) and then later retrieved,
rendered and executed by the victim."

The paper can be accessed from:
http://www.nextgenss.com/papers/SecondOrderCodeInjection.pdf


Cheers,

Gunter

------------------------------------------------------
G u n t e r   O l l m a n n,            MSc(Hons), BSc
Professional Services Director                        
                                                      
Next  Generation  Security  Software  Ltd.            
First Floor, 52 Throwley Way  Tel: +44 (0)208 401 0089
Sutton, Surrey, SM1 4BF, UK   Fax: +44 (0)208 401 0076
http://www.nextgenss.com      
------------------------------------------------------  

Powered by blists - more mailing lists