Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
- From: "Nikolay Kichukov" <hijacker@xxxxxxxxx>
- Date: Thu, 29 Mar 2007 21:44:44 +0300
Hello Aditya,
I see your point there. Hope they get it fixed. Should the patch involve
some referrer checking?
Regards,
-Nikolay Kichukov
----- Original Message -----
From: "Aditya K Sood" <zeroknock@xxxxxxxxxxx>
To: "Nikolay Kichukov" <hijacker@xxxxxxxxx>;
<full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Thursday, March 29, 2007 7:40 PM
Subject: Re: [Full-disclosure] NewOrder.box.sk Inherits Severe
RedirectionVulnerability
Nikolay Kichukov wrote:redirection
Hello there,
I've read the article, but I still do not see where the severe
tovulnerability is. Is this not a feature of the neworder.box.sk web site
specificallow anyone to be redirected to anypage they submit to redirect.php?
Thanks,
-Nikolay Kichukov
----- Original Message -----
From: "Aditya K Sood" <zeroknock@xxxxxxxxxxx>
To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Sent: Wednesday, March 28, 2007 8:49 PM
Subject: [Full-disclosure] NewOrder.box.sk Inherits Severe
RedirectionVulnerability
Hi
Previous Rootkit.com Vulnerability have been patched.
The neworder.box.sk is famous security website.It inherits very
partyredirection attacks. The domain forwarding or URL forwarding not only
directly possible through the website but can be called from third
http://zeroknock.blogspot.com/2007/03/neworderboxsk-inherits-severe.htmldirectly.
A very generic analysis have been undertaken based on search engine
specification.Look into the issues at:
Hi nikolayhttp://zeroknock.metaeye.org/analysis/neworder_red.xhtml
Regards
Zeroknock
http://zeroknock.metaeye.org/mlabs
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Thats where the thinking is bit off side.
Remember there
is lot of difference between redirection occurs from the main website
through generating event and the redirection that occurs from the third
party.It will be okay to the feature context if the redirection supports
only from the website.
More precisely a search engine check is performed at the top to show
that the page is not subjected as standard page for redirection. If its
a feature than it must not be redirected from the third party.
Thats All.
Regards
Adi
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- Follow-Ups:
- Re: [Full-disclosure] NewOrder.box.sk Inherits Severe
- From: bugtraq
- Re: [Full-disclosure] NewOrder.box.sk Inherits Severe
- References:
- [Full-disclosure] NewOrder.box.sk Inherits Severe Redirection Vulnerability
- From: Aditya K Sood
- Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
- From: Nikolay Kichukov
- Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
- From: Aditya K Sood
- [Full-disclosure] NewOrder.box.sk Inherits Severe Redirection Vulnerability
- Prev by Date: [Full-disclosure] [ MDKSA-2007:071 ] - Updated xmms packages to address integer vulnerabilities
- Next by Date: Re: [Full-disclosure] NewOrder.box.sk Inherits Severe
- Previous by thread: Re: [Full-disclosure] NewOrder.box.sk Inherits Severe RedirectionVulnerability
- Next by thread: Re: [Full-disclosure] NewOrder.box.sk Inherits Severe
- Index(es):
Relevant Pages
|
