Re: Fwd: CERT Advisory CA-2000-02
From: metal_hurlant () YAHOO COM (Henri Torgemane)
Date: Thu, 3 Feb 2000 14:22:38 -0800
First, what the CERT describes isn't one of the many implementation bugs we've
seen before, like bugs crashing the browser or giving access to local resources:
This is a design problem.
One obvious abuse could be to compromise online accounts:
their site. As a result, cookies are often equivalent to passwords.
has been loaded.
installed, you can get your user's cookies grabbed with a URL like:
Each time a user of your site happens to follow that URL, the log of the
evil.org web server will contain the cookies for his account.
In other cases, rather than actually taking the cookie, one can instead choose
to "remote-control" the browser, making it take actions to modify the user
account or grab some personal information (e-mail messages on a webmail system,
for example) without the user having a chance to see what's going on.
Hope it helps,
Shockro () aol com wrote:
I'm curious as to how this could be used in a malicious manner, as opposed to
just being an annoyance. I mean, god forbid, people should execute arbitrary
1001 ways to crash Internet Explorer through infinite loops, but there's
nothing seriously harmful about this, am I right? Please correct me if I'm
Support Reverse Engineering
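
Added example, not part of the original message or the quoted reply: a defender-side sketch of the design problem described above, showing a page that reflects request data with and without output encoding, a parser-based check for markup the template never emits, and a session cookie that page script cannot read. The `/search` route, the `q` parameter, the `session` cookie name and all function names are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser
from http.cookies import SimpleCookie
from urllib.parse import quote

def render_unsafe(q):
    # The design problem: request data is pasted into the page as-is.
    return '<p>Results for %s</p><a href="/search?q=%s">again</a>' % (q, q)

def render_safe(q):
    # Encode per output context: HTML text, and a URL component inside an attribute.
    text = html.escape(q, quote=True)
    href = html.escape("/search?q=" + quote(q, safe=""), quote=True)
    return '<p>Results for %s</p><a href="%s">again</a>' % (text, href)

class MarkupAudit(HTMLParser):
    """Records the tags and attribute names a browser would see in the page."""
    def __init__(self):
        super().__init__()
        self.tags, self.attrs = [], []
    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        self.attrs.extend(name for name, _ in attrs)

def injected_markup(page, expected_tags=("p", "a"), expected_attrs=("href",)):
    """Return tags and attributes in the page that the template never emits."""
    audit = MarkupAudit()
    audit.feed(page)
    audit.close()
    return ([t for t in audit.tags if t not in expected_tags]
            + [a for a in audit.attrs if a not in expected_attrs])

def session_cookie(token):
    # HttpOnly hides the cookie from page script; it does not stop the
    # "remote-control" case, which only output encoding addresses.
    c = SimpleCookie()
    c["session"] = token
    c["session"]["httponly"] = True
    c["session"]["secure"] = True
    c["session"]["path"] = "/"
    return c["session"].OutputString()

# Constructed sample inputs: harmless markers standing in for hostile request data.
SAMPLES = ['<script>/*marker*/</script>', '" onmouseover="/*marker*/', "plain text"]

if __name__ == "__main__":
    for s in SAMPLES:
        print(injected_markup(render_unsafe(s)), injected_markup(render_safe(s)))
```

Running `injected_markup` over rendered pages in a test suite catches a template that starts reflecting input without encoding.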