RSS Injection in Sage part 2

From: David Kierznowski (david.kierznowskigmail.com)
Date: Wed Nov 08 2006 - 18:18:57 CST


RSS Injection in Sage part 2

2 months ago, both pdp and I released a vulnerability and proof
of concept exploit for Sage (see:
http://michaeldaw.org/md-hacks/cross-context-scripting-with-sage/).
This issue was resolved in Sage release 1.3.7 (
http://mozdev.org/bugs/show_bug.cgi?id=15101). I found a new
vulnerability which affects the latest version, Sage 1.3.8. In
addition to the XSS vulnerability, it should be noted (as with the
previous vulnerability) this issue occurs within the Local Browser
Context. This means arbitrary file access etc.

Full details and POC can be found at:
http://michaeldaw.org/md-hacks/rss-injection-in-sage-part-2/
