Message-ID: <3436217b0601191421w3d1628ebr160160af72b3f7e8@mail.gmail.com>
Date: Fri Jan 20 08:18:29 2006
From: sant.jadhav at gmail.com (MuNNa)
Subject: MBT Xss vulnerability

*Hahaha* ... native code doesn't seem to understand the meaning of XSS and
why it can be of security concern. Here not only URL redirection is
possible but also execution of malicious JavaScript is possible. Your lame
reply makes me think that you are one of the following:
1. An employee of MBT criticising me in the interest of the company   *'or'*
2. A poor spammer who doesn't know anything but tries to show off as if he is
the MASTER. If this is the case carry on with your spamming business and
good luck for your future.

Regards;
Santosh J.

On 1/20/06, greybrimstone@....com <greybrimstone@....com> wrote:
>
> Actually,
>     What's lame is you bashing someone for telling others about a
> security vulnerability. Keep posting!
>
> -Adriel
>
> -----Original Message-----
> From: Native.Code <native.code@...il.com>
> To: MuNNa <sant.jadhav@...il.com>
> Cc: full-disclosure@...ts.grok.org.uk
> Sent: Thu, 19 Jan 2006 21:52:54 +0800
> Subject: Re: [Full-disclosure] MBT Xss vulnerability
>
> What a lame vulnerability it is. If your POC redirects to another
> site (which is not MBT site), how will someone become a victim and
> believe that he/she is doing business with MBT?
>
> Your post is yet another proof that FD is more and more inhibited by
> script kiddies. Get a life!
>
>
> On 1/19/06, MuNNa <sant.jadhav@...il.com> wrote:
> Hi List;
>
> Recently, I found an XSS vulnerability in the MBT web site. MBT offers
> services from Consulting to Managed Services. It is the Corporate member
> of The International Systems Security Engineering Association (ISSEA).
> BS 7799 (Information Security Management Framework) certified
> organization
>
> Vulnerability:
> MBT XSS (Cross Site Scripting) Attacks
>
> Criticality:
> Medium
>
> Description:
> MBT ( http://www.mahindrabt.com/website/index.htm ) is a leading
> India-based global IT solutions provider. As a proven leader in
> application outsourcing and offshoring of business critical
> applications, MBT enables its clients, protect their investment in
> legacy systems, enhance capital budgets, reduce operating expenses and
> build solutions for the multi-services future. However, it suffers from
> an XSS vulnerability on its own web page.
>
> Below is the proof-of-concept which explains this -
>
> http://www.mahindrabt.com/jse/jsp/search.jsp?q=[Xss malcode here]
>
> Re-directing the site to any malicious or fake site to trap the victim :
>
> http://www.mahindrabt.com/jse/jsp/search.jsp?q=
> <script>document.location='http://www.[evil.site].com'</script>
>
>
> Though it does not affect the server side a lot and may seem harmless, it
> can be used to target college students or job-seekers as it is one of
> the most attractive employers. Targets can be lured to visit the
> malicious weblink under the pretext of some job positions being vacant.
>
> Vendor notification:
>
>
> Vendor has been notified twice, around 4 months ago, but still there is
> no response and I guess they are not going to respond either.
>
>
> Regards;
> Santosh J.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/