Message-ID: <40F69365.7030502@sdf.lonestar.org>
From: bkfsec at sdf.lonestar.org (Barry Fitzgerald)
Subject: Exploits in websites due to buggy input validation
 where mozilla is at fault as well as the website.

Seth Alan Woolley wrote:

>
>Is it just me or is that behavior idiotic?  I've seen this bug in
>_multiple_ scripts I've audited.  For that reason, I feel much less safe
>signing up for cookies on websites that I haven't audited myself for
>this problem.  Since it is a script tag, that could open many a hole
>later down the line that I haven't mentioned as well.  It's just another
>reason to disable javascript and never use cookies for authentication.

I see where you're coming from on this.  It enables a number of 
cross-site scripting attacks. 

I also see where they're coming from, though.  If you don't complete the 
tags prior to processing, it could cause (at best) issues in the page or 
(at worst) could allow improper nesting to get around improper code 
restrictions (as was recently seen on Internet Explorer).

I think that the best solution might be to display a dialogue box before 
it tries to fix the tags stating that the page contains potentially 
unsafe incomplete tags and asking whether the browser should repair them 
or not.

          -Barry



