Bugtraq mailing list archives
Re: Hotmail security vulnerability - injecting JavaScript using
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Wed, 15 Sep 1999 13:07:55 +0100
Btw. the example given for IE is a classic example of what is so wrong with Javascript: you can do anything with it - including e.g. trivial stealing of passwords by popping up fake login dialogs - _even if it doesn't make sense in the context_. This alone is a reason to completely block and disable it.
In this particular case it's a beautiful example of how not to configure a web based email system. Javascript does have a sense of security domains and nowadays it even seems to work right (see old stuff with the one line frame snooping on the rest). Untrusted content should be served in a different security domain to the main system. If hotmail handed out its own admin stuff from hotmail.com and the message contents from ifyoutrustthisyouarecrazy.com, things would be a lot safer. I concur however for many of us - not safe enough.

Alan
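The domain separation suggested above, as an added example that is not part of the original post: a small Node.js function classifying how much isolation the browser's same-origin policy gives a webmail application from message content, depending on where that content is served. The hostnames are constructed, and the registrable-domain heuristic is an assumption (a real check would consult the Public Suffix List).

```javascript
// Added example (not from the original thread): classifies how much
// isolation the same-origin policy gives a webmail app from untrusted
// message content, depending on where that content is served.
// The hostnames and the "last two labels" site heuristic are assumptions
// for illustration; a real check should use the Public Suffix List.

function origin(urlString) {
  // Origin = scheme + host + port; this is the unit of script isolation.
  return new URL(urlString).origin;
}

function site(urlString) {
  // Approximation of the registrable domain (eTLD+1): cookies set with
  // Domain=example.com are readable by every host under example.com.
  const labels = new URL(urlString).hostname.split('.');
  return labels.slice(-2).join('.');
}

// Returns one of:
//   'none'   - same origin: message script can read the app's DOM and cookies
//   'script' - different origin, same site: DOM isolated, cookies may be shared
//   'full'   - different site: DOM and cookies both isolated
function isolationLevel(appUrl, contentUrl) {
  if (origin(appUrl) === origin(contentUrl)) return 'none';
  if (site(appUrl) === site(contentUrl)) return 'script';
  return 'full';
}

// Constructed sample URLs following the post's suggestion.
const APP = 'https://www.hotmail.com/inbox';
const SAME_PATH = 'https://www.hotmail.com/msg/123';   // message served in-app
const SUBDOMAIN = 'https://msg.hotmail.com/123';       // separate host, same site
const SEPARATE = 'https://ifyoutrustthisyouarecrazy.com/123'; // separate site

for (const u of [SAME_PATH, SUBDOMAIN, SEPARATE]) {
  console.log(u, '->', isolationLevel(APP, u));
}
```

Only the last case matches the post's advice; a subdomain isolates the DOM but leaves domain-scoped cookies reachable.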
