Date: Fri, 15 Dec 2006 13:14:59 +0800
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "Web Security" <websecurity@...appsec.org>, 
	full-disclosure@...ts.grok.org.uk
Subject: Backdooring Image Files - security notice

I will be brief. There is a rather lame/concerning technique, most of
you know about, that allows JavaScript to be executed upon visiting an
image file. This issue is not due to some browser error, although
clearly IE has some issues with it, but it is due to web applications
not sanitizing user-supplied content in the form of links.

I will skip the rest for those who are not interested in this topic.
Those who are interested can check this post:
http://www.gnucitizen.org/blog/backdooring-images

BIDs worth checking out:
* http://www.securityfocus.com/bid/3693
* http://www.securityfocus.com/bid/3116

This technique, although not as robust as the QuickTime flaw, can be
used to write worms for Bulletin Boards, Blogs, Wikis and other types
of web systems. I conducted a small survey, which I am not going to
disclose, showing quite concerning figures.

Has anyone experienced these types of worms yet?

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/