Full Disclosure mailing list archives
Re: nVidia.com [Url Redirection flaw]
From: Martin Aberastegue <xyborg () gmail com>
Date: Wed, 25 Mar 2009 10:48:24 -0300
Well, we have an XSS too, just put whatever you want on the variable "url" closing first the meta refresh tag, i.e.:

http://www.nvidia.com/content/DriverDownload/download_confirmation.asp?kw=&url="><iframe src="http://www.yahoo.com/" with="100%" height=600></iframe><!--

Since nVidia is a trusted site some people could use it to spread malware directly from there. This is just a simple redirection issue and nVidia may have to correct this ASAP, even if they are just "graphics vendors".

Regards.

---
Martin Aberastegue
http://www.martinaberastegue.com/

On Tue, Mar 24, 2009 at 11:13 AM, Lorenzo Vogelsang <vogelsang.lorenzo () gmail com> wrote:
Hi all, I'm new to the list. I'm an Italian student who likes security topics in the I.C.T world.

Browsing the nVidia web sites, I have found a very basic Url redirection flaw. In fact, when downloading a driver I get Urls like this:

http://www.nvidia.com/content/DriverDownload/download_confirmation.asp?kw=&url=http://us.download.nvidia.com/Windows/179.48/179.48_notebook_winxp_64bit_beta.exe

and connecting to this other Url

http://www.nvidia.com/content/DriverDownload/download_confirmation.asp?kw=&url=http://www.google.it

will redirect successfully to www.google.it! (or other web site of your choice, or downloadable content..)

Enjoy!

Lorenzo Vogelsang.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
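A server-side fix for the two issues reported in this thread, as an added example that is not part of the original posts and is not nVidia's code: the "url" parameter is checked against a host allowlist before any redirect, and HTML-escaped before it is written into the meta refresh tag. The allowlist contents, the function names, the 5-second delay and the test hosts under `.example` are assumptions made for illustration.

```python
from html import escape
from typing import Optional
from urllib.parse import urlsplit

# Assumption: the only host the confirmation page needs to send users to.
ALLOWED_HOSTS = {"us.download.nvidia.com"}


def safe_redirect_target(url: str) -> Optional[str]:
    """Return url unchanged if it is an absolute http(s) URL on an
    allowlisted host; otherwise return None (redirect refused)."""
    # Reject whitespace/control characters and backslashes, which browsers
    # and URL parsers are known to normalise differently.
    if url != url.strip() or any(c in url for c in "\\\r\n\t"):
        return None
    try:
        parts = urlsplit(url)
        parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https"):
        return None  # also rejects scheme-relative "//host/..." and markup
    if parts.username or parts.password:
        return None  # blocks "http://allowed-host@other-host/" confusion
    if parts.hostname not in ALLOWED_HOSTS:
        return None  # exact match: no suffix or substring comparison
    return url


def render_confirmation(url_param: str) -> str:
    """Build the confirmation snippet with a meta refresh to the download."""
    target = safe_redirect_target(url_param)
    if target is None:
        return "<p>Invalid download link.</p>"
    # Escaping is still required for allowlisted URLs: the path or query
    # may contain quotes or angle brackets that would close the attribute.
    return '<meta http-equiv="refresh" content="5;url=%s">' % escape(target, quote=True)
```

The allowlist stops the redirect to arbitrary sites; the escaping stops the tag break-out. Either control on its own leaves one of the two reported issues open.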