[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20041101171714.616DB15F502@mail.ngssoftware.com>
Date: Mon, 1 Nov 2004 17:36:50 -0000
From: "Gunter Ollmann" <gunter@...software.com>
To: <bugtraq@...urityfocus.com>
Subject: New Whitepaper - "Second-order Code Injection Attacks"
Hi list,
NGS Software is pleased to make available a new whitepaper about
second-order code injection attacks.
Abstract:
"Many forms of code injection targeted at web-based applications (for
instance cross-site scripting and SQL injection) rely upon the instantaneous
execution of the embedded code to carry out the attack (e.g. stealing a
user's current session information or executing a modified SQL query). In
some cases it may be possible for an attacker to inject their malicious code
into a data storage area that may be executed at a later date or time.
Depending upon the nature of the application and the way the malicious data
is stored or rendered, the attacker may be able to conduct a second-order
code injection attack.
A second-order code injection attack can be classified as the process in
which malicious code is injected into a web-based application and not
immediately executed, but instead is stored by the application (e.g.
temporarily cached, logged, stored in a database) and then later retrieved,
rendered and executed by the victim."
The paper can be accessed from:
http://www.nextgenss.com/papers/SecondOrderCodeInjection.pdf
Cheers,
Gunter
------------------------------------------------------
G u n t e r O l l m a n n, MSc(Hons), BSc
Professional Services Director
Next Generation Security Software Ltd.
First Floor, 52 Throwley Way Tel: +44 (0)208 401 0089
Sutton, Surrey, SM1 4BF, UK Fax: +44 (0)208 401 0076
http://www.nextgenss.com
------------------------------------------------------
Powered by blists - more mailing lists