Re: Search Engine XSS

[Sam Baskinger <sam () reefedge com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Some quick corrections:

- ---- this paragraph is now readable----
One of the original example of XSS was where an exploiter gave a link on his 
webpage to a location under the nytime domain, which, when clicked presented
the user with a bogus story.  The content was that of the exploiter's
choosing but it was delivered by the nytimes domain.

- ---- this is readable and the URL results in an HTTP error (not html) ----
- ---- SORRY about that!!! ----
So, the impact varries a great deal depending on context and the waryness
of the users.  If the web browser tells you that the URL results in the HTTP 
code 403, don't go typing your password into any forms presented on that
page. :-)

Sam



- -- original email --
Not speaking to these specific vulnerabilities, XSS attacks in general, let
you masquerade info as being legitimate data from the server.

For example, you can present the user with an error page which LOOKS like a
login page with the method in the HTML form being to a malicious data
collector.

One of the original example of XSS was one user gave a link on his webpage
which to a link under the domain nytimes.com which which clicked presented
the user with a bogus story.  The content was that of the exploiter's
choosing but it was delivered by the nytimes domain.  Thus, the exploit moves
across web sites.

So, the impact varries a great deal depending on context and the waryness of
the users.  If the web browser tells you that the page returns code is HTML
403, don't go typing your password into any forms presented on that page. :-)

Hope this is helpful.

Sam
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/HvDNuabcSIn58XwRApubAJ4iiZRNktaSbo1m6x6fyo2rJ/F6PwCfZP8h
XpJmpHu5s9YN0T52dusVaNE=
=v7wx
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html