lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20041220130945.GA25905@server.gwsh.gda.pl>
From: lazy at server.gwsh.gda.pl (lazy@...ver.gwsh.gda.pl)
Subject: Re: Gadu-Gadu, another two bugs

On Fri, Dec 17, 2004 at 11:23:38AM +0100, Jaroslaw Sajko wrote:
> Product:	Gadu-Gadu, build 155 and older
> Vendor:		SMS-EXPRESS.COM (http://www.gadu-gadu.pl)
> Impact:		Script execution in local zone,
> 		Remote DoS
> Severity:	High
> Authors: 	Blazej Miga <bla@....poznan.pl>,
> 		Jaroslaw Sajko <sloik@....poznan.pl>
> Date:		17/12/04
...
> [DETAILS]
> 
> Bug 1.
> Parsing error. We can send a malicious string which has an url inside.
> This url can be a javascript code for example or reference to such a code.
> Code will execute when the window with message pops up. Code will execute
> in LOCAL ZONE! Works also with older versions.
> 
> Example:
> 
> Send such a string to any receipent:
> www.po"style=background-image:url(javascript:document.write('%3cscript%3ealert%28%22you%20are%20owned!%22%29%3c%2fscript%3e'));".pl
> 
tlen.pl - another polish IM was also vulunerable to Bug1
they fixed it in 5.23.4.2 and (as I was told) they now block it on the servers, but you can check it
locally on your own client

__
Regards,
Michal Grzedzicki


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ