Network Security: Detailed info on [Full-disclosure] RE: "Exploiting the XmlHttpRequest object in IE"

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security FullDisclosure

Subject:	[Full-disclosure] RE: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein
Date:	Fri, 30 Sep 2005 10:00:55 +0400

Subject:

[Full-disclosure] RE: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein

Date:

Fri, 30 Sep 2005 10:00:55 +0400

Hi list. I checked some ideas and think that reflected XSS in user-agent and other http request headers fileds (cookies for example) can be exploited via http request smuggling\splitting cache poisoning attacks using described techniques. So vendors who discard such vulnerabilities as not explotable should take it into account. Regards, Sergey V. Gordeychik, MCSE, MCT, CISSP _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

<Prev in Thread]	Current Thread	[Next in Thread>
[Full-disclosure] RE: "Exploiting the XmlHttpRequest object in IE" - paper by Amit Klein, Sergey V. Gordeychik <=

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	[Full-disclosure] [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution, Martin Schulze
Next by Date:	[Full-disclosure] apachetop insecure temporary file creation, ZATAZ Audits
Previous by Thread:	[Full-disclosure] [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution, Martin Schulze
Next by Thread:	[Full-disclosure] apachetop insecure temporary file creation, ZATAZ Audits
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

[Full-disclosure] [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution, Martin Schulze

Next by Date:

[Full-disclosure] apachetop insecure temporary file creation, ZATAZ Audits

Previous by Thread:

[Full-disclosure] [SECURITY] [DSA 831-1] New mysql-dfsg packages fix arbitrary code execution, Martin Schulze

Next by Thread:

[Full-disclosure] apachetop insecure temporary file creation, ZATAZ Audits

Indexes:

[Date] [Thread] [Top] [All Lists]