| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 23 Nov 2006 19:04:28 +0300 From: 3APA3A <3APA3A@...URITY.NNOV.RU> To: fash1on@...il.com Cc: bugtraq@...urityfocus.com Subject: Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords Dear fash1on@...il.com, It looks like in order to exploit this, attacker must be able to insert form in content of exploited site. That is, to exploit this vulnerability, e.g. crossite scripting vulnerability is required. In this case, this is a flow, but not so big one. Is it so, or I miss something? --Wednesday, November 22, 2006, 12:57:43 PM, you wrote to bugtraq@...urityfocus.com: fgc> "Today, Mozilla made public bug #360493, which exposes fgc> Firefox's Password Manager on many public sites. The flaw derives fgc> from Firefox's willingness to supply the username and password fgc> stored on one page on a domain to another page on a domain. For fgc> example, username/password input tags on a Myspace user's site will fgc> be unhelpfully propagated with the visitor's Myspace.com fgc> credentials. It was first discovered in the wild by Netcraft on fgc> Oct. 27. As this proof-of-concept illustrates, because the fgc> username/password fields need not be visible on the page, your fgc> password can be stolen in an almost completely transparent fashion. fgc> PoC here: http://www.info-svc.com/news/11-21-2006/rcsr1/ -- ~/ZARAZA Почтенные ископаемые! Жду от вас дальнейших писем. (Твен)
Powered by blists - more mailing lists