Same Site Scripting Paper Released

News

Web Server Security

Phishing

Database Security

Application Server Security

Library

Vulnerability Archive

Secure Development

Web Services

Pen Test

AJAX

Application Firewalls

Main -> Internet Security News

TOPIC'S

Advertising

Old News

About

Resume

Contact

FAQ

Irc

Links

Books

Demos

Papers

Downloads

Advisories

Contributions

Security Services

Submit News

Syndicated News

Hosting generously provided by

www.mv.com

Same Site Scripting Paper Released

Posted 1/23/08 by Robert from the better late than never department

An email sent to bugtraq by Travis Ormandy outlines a new attack dubbed same site scripting.

"It's a common and sensible practice to install records of the form "localhost. IN A 127.0.0.1" into nameserver configurations, bizarrely however, administrators often mistakenly drop the trailing dot, introducing an interesting variation of Cross-Site Scripting (XSS) I call Same-Site Scripting. The missing dot indicates that the record is not fully qualified, and thus queries of the form "localhost.example.com" are resolved. While superficially this may appear to be harmless, it does in fact allow an attacker to cheat the RFC2109 (HTTP State Management Mechanism) same origin restrictions, and therefore hijack state management data.

The result of this minor misconfiguration is that it is impossible to access sites in affected domains securely from multi-user systems. " - Travis

Article Link: http://seclists.org/bugtraq/2008/Jan/0270.html
Link to this Story: Same Site Scripting Paper Released
Link: Have a Site Suggestion, Material Request, or News? Submit it!
News RSS Feed: Web Security news RSS Feed

Discuss this article Find Related Stories