RE: CSS implication

["Matt Priestley" <mpriest () microsoft com>]

Here are some of the things my security team has observed with relation to cross-site scripting:

* as you said, persistent cookie theft
* "session theft" where you act in the context of a privileged user
* as you said, running script or objects
* SQL injection attacking the back end logic
* likewise, XML injection
* changing page banners or other decorations in deceptive ways
* DoS attacks on the underlying system error logs
* causing a trusted page to display a link to an untrusted page

-----Original Message-----
From: zero [mailto:zeroboy () arrakis es]
Sent: Saturday, March 16, 2002 5:39 AM
To: vuln-dev () securityfocus com
Subject: CSS implication


Hi all,
         I'm working on a CSS paper, and I was wondering, what are the real 
implications of a CSS attack. When some site is vuln to a CSS problem, 
you're able to execute code on the web. I've thought about the implications 
of this. First of all:
         - You can steal cookies from users
         - You can send bogus links faking the original site: i.e 
http://site/vuln.php?query=<script>...(faking vuln.php)...</script>
         - You can download & launch activeX (possible to download and 
execute trojans?)

Any more dangerous implications?


mailto:zeroboy () arrakis es
http://www.podergeek.com
http://www.citfi.org
**************************************************
"The further backward you look, the further forward you can see" Winston 
Churchill
  "Para ganar, hay gente que debe perder"