lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOHmTToCBjiyY9-1FmOe_dm3N1rq0J+3ajwVyA9jDFP0MpG+eA@mail.gmail.com> Date: Fri, 19 Dec 2014 07:57:26 +0000 From: Sandro Gauci <sandro@...blesecurity.com> To: Michal Zalewski <lcamtuf@...edump.cx> Cc: Shahar Tal <shahartal@...ckpoint.com>, "fulldisclosure@...lists.org" <fulldisclosure@...lists.org> Subject: Re: [FD] The Misfortune Cookie Vulnerability The most technical it seems to get is the following: <quote> The Misfortune Cookie vulnerability is exploitable due to an error within the HTTP cookie management mechanism present in the affected software, allowing an attacker to determine the ‘fortune’ of a request by manipulating cookies. Attackers can send specially crafted HTTP cookies that exploit the vulnerability to corrupt memory and alter the application state. This, in effect, can trick the attacked web server to treat the current session with administrative privileges. </quote> From http://mis.fortunecook.ie/misfortune-cookie-tr069-protection-whitepaper.pdf. Would be very useful for the rest of us if this information were less of an advert and more technical. Shahar, are there plans to release proper technical details? Sandro Gauci Penetration tester and security researcher Email: sandro@...blesecurity.com Web: http://enablesecurity.com/ PGP: 8028 D017 2207 1786 6403 CD45 2B02 CBFE 9549 3C0C On Fri, Dec 19, 2014 at 6:56 AM, Michal Zalewski <lcamtuf@...edump.cx> wrote: > > > See http://mis.fortunecook.ie for the rest. > > I think you might have accidentally pasted the wrong link. This one > doesn't seem to contain additional information. > > Cheers, > /mz > > _______________________________________________ > Sent through the Full Disclosure mailing list > http://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists