Bugtraq mailing list archives
Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous
From: Rude Yak <rudeyak () yahoo com>
Date: Thu, 4 Jan 2007 09:18:18 -0800 (PST)
RSnake wrote:
> No, that is incorrect. This is not visible to the application because anchor tags are not sent to the webserver. This is completely invisible to web application firewalls. Btw, a user on http://sla.ckers.org/ made this recommendation for fixing your own browsers: Firefox->Tools->Options->Content->Manage->change PDF action to "Save to disk".
YMMV, but for Apache-based servers, one of the two methods below -may- do the trick (no guarantees that it won't break your app in the process):

    # mod_rewrite prevention vs. DOM attacks on static content
    # %{THE_REQUEST} is the whole request line ("GET /x.pdf HTTP/1.1"), so
    # whitespace is kept out of the trigger class; otherwise the space before
    # the protocol version matches every request and the redirect loops.
    RewriteCond %{THE_REQUEST} .*\.(img|jpg|pdf|css|js)[^A-Za-z0-9._?&%\s-]
    # Drop everything after the extension and redirect to the clean path.
    # The extension list must match the RewriteCond above.
    RewriteRule (.*\.(img|jpg|pdf|css|js)) $1 [R,L]

    # mod_security 2.0 prevention vs. DOM attacks on static content
    # REQUEST_URI_RAW is the request target only (no method, no version)
    SecRule REQUEST_URI_RAW ".*\.(img|jpg|pdf|css|js)[^A-Za-z0-9._?&%-]" \
        "deny,log,status:501,id:955001,severity:2,msg:'DOM attack on static content'"

Erick.
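Added example, not part of Erick's post or the thread: a small Python harness that applies the regex from the posted rules to constructed request lines, so the rules can be checked before they go into a live config. It shows two things. First, because %{THE_REQUEST} is the raw request line, the posted character class fires on the space before "HTTP/1.1" for every PDF; the variant with `\s` added to the class (my change, not Erick's) does not, and ModSecurity's REQUEST_URI_RAW never had the problem because it carries only the request target. Second, RSnake's point: the fragment of the attack URL never leaves the browser, so neither rule ever sees it. The sample URLs are constructed; the assumptions about what each Apache/ModSecurity variable contains follow their documentation.

```python
import re
from urllib.parse import urlsplit

# Regex from the posted rules: an extension followed by a character outside
# the allowed set is treated as a "DOM attack on static content".
POSTED = re.compile(r".*\.(img|jpg|pdf|css|js)[^A-Za-z0-9._?&%-]")

# Same regex with whitespace added to the allowed set (my change).  Without
# it, "GET /x.pdf HTTP/1.1" matches on the space before the version string.
FIXED = re.compile(r".*\.(img|jpg|pdf|css|js)[^A-Za-z0-9._?&%\s-]")


def request_target(url):
    """What actually leaves the browser for a URL: path plus query string.

    The fragment (everything after '#') is never sent to the server.
    """
    parts = urlsplit(url)
    target = parts.path or "/"
    if parts.query:
        target += "?" + parts.query
    return target


def the_request(target, method="GET", version="HTTP/1.1"):
    """Apache's %{THE_REQUEST}: the raw request line as received."""
    return f"{method} {target} {version}"


def rule_verdicts(url):
    """Run the three variants of the check against one browser URL.

    Returns a dict of booleans; True means the rule fires (redirect/deny).
    RewriteCond and SecRule regexes are unanchored, hence re.search.
    """
    target = request_target(url)
    return {
        # RewriteCond %{THE_REQUEST} ... exactly as posted
        "rewrite_posted": POSTED.search(the_request(target)) is not None,
        # same RewriteCond with whitespace excluded from the trigger set
        "rewrite_fixed": FIXED.search(the_request(target)) is not None,
        # SecRule REQUEST_URI_RAW ... : the target only, no method/version
        "modsec": POSTED.search(target) is not None,
    }


if __name__ == "__main__":
    # Constructed sample URLs; the last one carries the payload in the fragment.
    samples = [
        "http://example.com/doc.pdf",
        "http://example.com/doc.pdf?x=1",
        "http://example.com/doc.pdf/extra",
        "http://example.com/doc.pdf;param",
        "http://example.com/doc.pdf#a=javascript:alert(1)",
    ]
    for url in samples:
        print(f"{url:52} target={request_target(url)!r:18} {rule_verdicts(url)}")
```

Running it shows the plain `/doc.pdf` request tripping the posted RewriteCond (rewrite_posted True) while the fixed class and the ModSecurity rule stay quiet, path-info variants like `/doc.pdf/extra` tripping all three, and the `#a=javascript:...` URL producing exactly the same verdicts as `/doc.pdf`, since the request target is identical once the fragment is dropped.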
Current thread:
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 04)
- <Possible follow-ups>
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Rude Yak (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 04)
- Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 04)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)
- Re: Re: Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous rudeyak (Jan 08)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 08)
- RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Stripling (Jan 09)