lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <0cb967ca-c8b7-2fe9-24d7-d3d92f053846@securify.nl>
Date: Tue, 14 Mar 2017 22:03:36 +0100
From: "Securify B.V." <lists@...urify.nl>
To: bugtraq@...urityfocus.com
Subject: Microsoft Edge Fetch API allows setting of arbitrary request headers

------------------------------------------------------------------------
Microsoft Edge Fetch API allows setting of arbitrary request headers
------------------------------------------------------------------------
Yorick Koster, January 2017

------------------------------------------------------------------------
Abstract
------------------------------------------------------------------------
It was found that the Fetch API in Microsoft Edge allows websites to set
arbitrary HTTP request headers, including the Content-Length, and Host
headers. Amongst others, a malicious website can use this issue to
bypass the same origin policy, read HTTP response headers, or initiate
arbitrary HTTP requests from the victim's browser (HTTP request
smuggling).

------------------------------------------------------------------------
See also
------------------------------------------------------------------------
- CVE-2017-0140
- MS17-007: Cumulative Security Update for Microsoft Edge (4013071)

------------------------------------------------------------------------
Tested versions
------------------------------------------------------------------------
This issue was successfully tested on Microsoft Edge version
38.14393.0.0 (EdgeHTML 14.14393).

------------------------------------------------------------------------
Fix
------------------------------------------------------------------------
Microsoft released MS17-007 that fixes this vulnerability.

------------------------------------------------------------------------
Details
------------------------------------------------------------------------
https://www.securify.nl/advisory/SFY20170101/microsoft_edge_fetch_api_allows_setting_of_arbitrary_request_headers.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ