lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <005701cae313$79c4e0f0$010000c0@ml>
Date: Fri, 23 Apr 2010 21:31:50 +0300
From: "MustLive" <mustlive@...security.com.ua>
To: <full-disclosure@...ts.grok.org.uk>
Subject: Vulnerability in Referer for DataLife Engine

Hello Full-Disclosure!

I want to warn you about security vulnerability in Referer module for
DataLife Engine (DLE).

-----------------------------
Advisory: Vulnerability in Referer for DataLife Engine
-----------------------------
URL: http://websecurity.com.ua/3942/
-----------------------------
Affected products: Referer (aka "Perehody" on Russian) v.6.9 and previous
versions.
-----------------------------
Timeline:

29.06.2009 - found vulnerability.
11.02.2010 - announced at my site.
13.02.2010 - informed admin of web site where I found the vulnerability.
15.02.2010 - informed developers of DataLife Engine (at first I thought that
hole existed in DLE, and admin of vulnerable web site didn't answer me and
didn't fix the hole, but DLE developers said that hole is not in their
engine and they didn't know what the module it is).
19.02.2010 - informed developers of the module (after I found that it's
Referer module).
23.04.2010 - disclosed at my site.
-----------------------------
Details:

This is Cross-Site Scripting vulnerability.

XSS:

It's persistent XSS vulnerability. Which allows to conduct the attack via
Referer header, in case when immediate links to queries in search engines
are showing at the site.

Referer:
http://www.google.com/search?q=xss"><script>alert(document.cookie)</script>

Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ