Message-ID: <D1975DAA.50DA%msheward@expedia.com>
Date: Fri, 5 Jun 2015 21:08:50 +0000
From: Mike Sheward <msheward@...edia.com>
To: "bugtraq@...urityfocus.com" <bugtraq@...urityfocus.com>
Subject: Expedia Product Security Advisory: Cruise Ship Centers Information Disclosure

Expedia Product Security Advisory on 6/5/2015
Product: Expedia CruiseShipCenters (CruiseShipCenters.com)

Vulnerability Type: Insecure Direct Object Reference
Impact: Unauthorized Information Disclosure

Credit: Paul O'Neil, IDT911 Consulting (http://idt911.com/)

Background:

During the booking finishing process with Expedia Cruise Ship Centers it
was discovered that a GET parameter (namely 'ctoid') found in the
following URL could be modified to disclose information regarding other
users of the application who had previously made a booking:

https://cruise.expedia.com/Book/Payment5.aspx

Once the issue was remediated, an investigation by the Expedia Incident
Response team determined that we have no reason to believe this
vulnerability was maliciously exploited.
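As an added illustration that is not part of the advisory or Expedia's code, the following Python sketch shows the insecure direct object reference pattern described above beside an ownership-scoped lookup, and an access-log check of the kind an incident response team would run to look for enumeration of the parameter. The booking records, account names, session ids and log lines are constructed; only the 'ctoid' parameter name and the Payment5.aspx path come from the advisory.

```python
from dataclasses import dataclass
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

@dataclass(frozen=True)
class Booking:
    ctoid: int        # direct object reference exposed in the URL
    owner: str        # account that made the booking
    card_last4: str   # the kind of data an IDOR here would leak

# Constructed sample records (not real bookings): two customers, three ctoids.
BOOKINGS = {
    1001: Booking(1001, "alice", "4242"),
    1002: Booking(1002, "alice", "4242"),
    1003: Booking(1003, "bob", "0005"),
}

def payment_page_insecure(ctoid):
    """Vulnerable pattern: the client-supplied ctoid is trusted as-is,
    so editing the parameter returns another customer's booking."""
    booking = BOOKINGS.get(ctoid)
    return (200, booking) if booking is not None else (404, None)

def payment_page_secure(session_user, ctoid):
    """Hardened pattern: the lookup is scoped to the authenticated account.
    Unknown ctoid and someone else's ctoid get the same 404, so the
    response does not confirm which object ids exist."""
    if session_user is None:
        return 401, None
    booking = BOOKINGS.get(ctoid)
    if booking is None or booking.owner != session_user:
        return 404, None
    return 200, booking

def ctoids_per_session(log_lines, threshold=3):
    """Incident-response check over constructed '<session> <path?query>' log
    lines: report sessions requesting at least `threshold` distinct ctoids."""
    seen = defaultdict(set)
    for line in log_lines:
        session, _, url = line.partition(" ")
        for value in parse_qs(urlsplit(url).query).get("ctoid", []):
            seen[session].add(value)
    return {s: len(v) for s, v in seen.items() if len(v) >= threshold}

SAMPLE_LOG = [  # constructed, not real traffic
    "s1 /Book/Payment5.aspx?ctoid=1001",
    "s2 /Book/Payment5.aspx?ctoid=1001",
    "s2 /Book/Payment5.aspx?ctoid=1002",
    "s2 /Book/Payment5.aspx?ctoid=1003",
]
```

The threshold in `ctoids_per_session` is a constructed tuning value; in a real review it would be set from how many bookings a single legitimate checkout session touches.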

Remediation Timeline:

Initial Discovery by Mr O'Neil: 5/27/15
Initial Response and Investigation by Expedia Incident Response: 5/27/15
Issue Confirmed Remediated: 6/3/15

Expedia Policy on Responsible Disclosures:

Expedia, Inc. and its affiliated businesses encourage users to report
vulnerabilities discovered on any of our Internet sites. If you think you
have discovered a vulnerability in the Web application code on any of our
sites, please send us an email via respdisc@...edia.com with the
following information:

* Date and time of discovery
* Specific code
* Proof of concept exploit information

We appreciate your willingness to participate in our efforts to keep
Expedia safe and secure, and will publicly acknowledge your contributions.
The scope of this program is limited to Expedia-owned Web applications,
including Hotels.com, Hotwire.com, Expedia CruiseShipCenters, Venere.com,
Egencia.com, and VIA.com.

Thank you,

Mike Sheward
Enterprise Information Security
Director, Security Operations Center and Security Incident Response
Expedia, Inc.
