lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <001201caa249$a90611a0$fb1234e0$@com>
Date: Sun, 31 Jan 2010 09:47:38 +0200
From: "Alex Roichman" <Alexr@...ckmarx.com>
To: <bugtraq@...urityfocus.com>
Subject: Cross-Site History Manipulation (XSHM)

Checkmarx Research Labs has identified a new critical vulnerability in
Internet Explorer (other browsers are probably exposed the same way) that
would allow hackers to easily compromise web applications. Cross-Site
History Manipulation (XSHM) is a newly discovered zero-day attack: attackers
may have been using it for a long time, but the application and security
communities do not know it.

To help major browsers or application developers stop the proliferation of
this exploit, Checkmarx has published a guide to identify and remediate the
vulnerability. It can be downloaded at
http://www.checkmarx.com/CxDownloadRequest.aspx?id=8

A  POC for IE and Facebook users can be seen here:
http://www.checkmarx.com/Demo/XSHM.aspx In this page, an attacker can easily
detect whether a user is currently authenticated to the Facebook
application. Interested parties will be able to detect XSHM in samples of
their application by using a free download version of the product.

Thanks,
Alex Roichman
Chief Architect and head of Research labs, Checkmarx Ltd.
Securitylabs@...ckmarx.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ