Re: New Web Vulnerability - Cross-Site Tracing
From: Jeremiah Grossman <jeremiah(at)whitehatsec.com>
Date: Wed Jan 22 2003 - 17:25:57 EST

On Wed, 2003-01-22 at 13:31, xss-is-lame@hushmail.com wrote:
certainly.

>

this is correct. Via a web page, message board, web mail, etc etc etc.

>

Ok... we are not talking about "rooting" the web server here, but compromising the user credentials client-side. The credentials, be it cookies or basic authentication, from a protected domain. You can now XSS any domain from the user's browser even if the domain has no web apps at all.

> This isn't any different from the many, many, many known ways of violating

I must disagree... this is a much much different way to perform a credential theft. But... for the sake of information, can you provide me a link where they do it in this manner?

> We've seen dozens of holes in IE's security constraints that allow attackers to view files, steal cookies or execute commands. Unlike Guninski or GreyMagic's advisories, this one has simply been built up to ridiculous proportions with marketing language in the press release and in the ExtremeTech article.

Again, not using this method.

Received on Wed Jan 22 18:47:18 2003