Mail.com Cross Site Scripting Vulnerability

• Previous message: Alfonso De Gregorio: "Re: Vulnerability in encrypted loop device for linux"
• Next in thread: Keith Dallara: "Mail.com Cross Site Scripting Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----------------------------------------------
Mail.com Cross Site Scripting Vulnerability   
Ministry-of-Peace - www.ministryofpeace.co.uk 
----------------------------------------------

SYNOPSIS

Mail.com offers free webmail services, which are used
by tens of thousands of people around the world.
The site suffers from a CSS vulnerability, giving a
malicious user the ability to view the site cookies of
any user currently logged in.
 

IMPACT

If a malicious user can get the mail.com user to follow
a simple link, then they can grab that users mail.com
cookies and possibly use them to authenticate as that
user.


WORKING EXAMPLE

Log into your mail.com account, and then go to:
http://mymail.mail.com/scripts/common/forgotpasswd.cgi?login=><script>document.writeln(document.cookie)</script></p>


CREDITS

Vulnerability discovered by Digital Shadow.


INFO

Security Advisory #03
Published: 03rd January 2002











-- 

_______________________________________________
Sign-up for your own FREE Personalized E-mail at Mail.com
http://www.mail.com/?sr=signup


1 cent a minute calls anywhere in the U.S.!

http://www.getpennytalk.com/cgi-bin/adforward.cgi?p_key=RG9853KJ&url=http://www.getpennytalk.com

• Next message: secureat_private: "[CLA-2002:447] Conectiva Linux Security Announcement - glibc"
• Previous message: Alfonso De Gregorio: "Re: Vulnerability in encrypted loop device for linux"
• Next in thread: Keith Dallara: "Mail.com Cross Site Scripting Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Jan 03 2002 - 13:11:59 PST