Date: Fri, 19 Dec 2014 07:57:26 +0000
From: Sandro Gauci <sandro@...blesecurity.com>
To: Michal Zalewski <lcamtuf@...edump.cx>
Cc: Shahar Tal <shahartal@...ckpoint.com>,
	"fulldisclosure@...lists.org" <fulldisclosure@...lists.org>
Subject: Re: [FD] The Misfortune Cookie Vulnerability

The most technical it seems to get is the following:

<quote>
The Misfortune Cookie vulnerability is exploitable due to an error within
the HTTP cookie management mechanism present in the affected software,
allowing an attacker to determine the ‘fortune’ of a request by
manipulating cookies. Attackers can send specially crafted HTTP cookies
that exploit the vulnerability to corrupt memory and alter the application
state. This, in effect, can trick the attacked web server to treat the
current session with administrative privileges.
</quote>

From
http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf.

Would be very useful for the rest of us if this information were less of an
advert and more technical.

Shahar, are there plans to release proper technical details?

Sandro Gauci
Penetration tester and security researcher
Email: sandro@...blesecurity.com
Web: http://enablesecurity.com/
PGP: 8028 D017 2207 1786 6403  CD45 2B02 CBFE 9549 3C0C

On Fri, Dec 19, 2014 at 6:56 AM, Michal Zalewski <lcamtuf@...edump.cx>
wrote:
>
> > See http://mis.fortunecook.ie for the rest.
>
> I think you might have accidentally pasted the wrong link. This one
> doesn't seem to contain additional information.
>
> Cheers,
> /mz
>

_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
