ex machina has discovered a new client-side security issue that should be read by anyone who uses web applications (including blogger):
"Imagine you have some kind of system that you administer through a web GUI, such as HotMail, your Netscape Admin server or a site like You get in to work and use this service for a while (check your mail, manage your servers, whatever). For our example, let's say you were using the netscape admin server.

Later in the day someone sends you an email asking you to look at a web page. You go to the page using the browser session where earlier you had logged in to the admin server. However, the page does a redirect to a url of your admin server that causes your main web server to be deleted! The redirect will succeed, as you've already logged in to the admin server earlier with sufficient privileges to delete your server.

There are a few variations on this theme, involving JavaScript that can silently submit a hidden form to do the same sort of thing. It appears that most web applications involving authentication are vulnerable to this sort of attack.

Web clients will cache your credentials and send them automatically to a realm that you have visited earlier in the session, which in a stateless system is a reasonable behavior. The problem is that the client is also willing to let almost any page on the Web take actions automatically on your behalf through the use of things like redirects or javascript code."

unfortunately, as the article points out, there is no easy 'solution'. i suppose while i'm standing on the security soapbox, i might as well point out yet another reason to be wary of hotmail.
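the cached-credential problem the quoted passage describes, as a toy simulation added here (not code from the article or from this site): a browser that attaches the admin server's session cookie to every request to that origin, so a redirect from an unrelated page carries out the delete. with require_token=True the toy server additionally demands a per-session secret that only its own pages embed; that is one standard mitigation i am adding for contrast, not something the article proposes. all names, urls and values are constructed.

```python
ADMIN_ORIGIN = "https://admin.example.test"  # constructed origin of the admin GUI
SESSION_COOKIE = "sid=abc123"                 # constructed cookie set at login

class AdminServer:
    """Toy admin server; require_token=True switches on the hardened variant."""
    def __init__(self, require_token=False):
        self.servers = {"main": "running"}
        self.require_token = require_token
        self.sessions = {SESSION_COOKIE: "admin"}              # logged-in sessions
        self.tokens = {SESSION_COOKIE: "t0k3n-not-guessable"}  # per-session secret

    def handle(self, path, cookie, form=None):
        # Identity comes only from the cookie the browser attached.
        if self.sessions.get(cookie) != "admin":
            return 401, "login required"
        # Hardened variant: the request must also carry the session's secret
        # token, which an unrelated page cannot read and so cannot supply.
        if self.require_token and (form or {}).get("csrf") != self.tokens[cookie]:
            return 403, "missing or wrong request token"
        if path == "/delete?server=main":
            self.servers.pop("main", None)
            return 200, "deleted main"
        return 404, "no such action"

class Browser:
    """Toy browser: caches the admin cookie and sends it with every request there."""
    def __init__(self, admin):
        self.admin = admin
        self.cookies = {ADMIN_ORIGIN: SESSION_COOKIE}  # cached from the earlier login

    def visit(self, url, form=None):
        if url.startswith(ADMIN_ORIGIN):
            path = url[len(ADMIN_ORIGIN):]
            return self.admin.handle(path, self.cookies[ADMIN_ORIGIN], form)
        return 404, "not the admin server"

def follow_redirect_from_unrelated_page(require_token):
    """An unrelated page redirects to the admin URL; returns (status, main still exists)."""
    admin = AdminServer(require_token)
    browser = Browser(admin)
    status, _ = browser.visit(ADMIN_ORIGIN + "/delete?server=main")
    return status, "main" in admin.servers

def delete_from_admin_gui(require_token):
    """The admin's own form includes the token, so the legitimate action still works."""
    admin = AdminServer(require_token)
    browser = Browser(admin)
    token = admin.tokens[SESSION_COOKIE]  # embedded in the GUI page by the server itself
    status, _ = browser.visit(ADMIN_ORIGIN + "/delete?server=main", {"csrf": token})
    return status, "main" in admin.servers
```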
5/10/2000 07:18:00 AM 0 comments


This site designed by
Eric C. Snowdeal III .
© 2000-2005