[Full-disclosure] [Advisory] Phishing Vulnerability in Verisign Network

Advisory : Phishing Vulnerability in Verisign Network
Dated : 5 July 2007
Severity : Critical

Explanation:

The Verisign Secured Network and Verisign Weblogs network are vulnerable to
phishing. The problem lies in the redirection links present, which allow
third-party redirection. The causes:

1. Traffic is redirected directly, without the user visiting the website.
2. The website does not check the link that is being called by the phisher.
3. Third-party linking is possible.
4. A looping attack is also possible.

The vulnerable links are:

1. http://www.verisignsecured.com/Redirect.aspx?[ website name ]
2. http://www.weblogs.com/clickthru?url=[website name]

These are considered vulnerable because the redirect parameter in each link
can be initialised to any website unrelated to the main website.

Examples:

1. http://www.weblogs.com/clickthru?url=http://www.unep.org/Documents.Multilingual/Default.asp?DocumentID='

2. http://www.weblogs.com/clickthru?url=http://www.weblogs.com/clickthru?url=http://www.pewinternet.org/report_display.asp?r=');--

3. http://www.verisignsecured.com/Redirect.aspx?http://www.unep.org/Documents.Multilingual/Default.asp?DocumentID='

4. http://www.verisignsecured.com/Redirect.aspx?http://www.weblogs.com/clickthru?url=http://www.weblogs.com/clickthru?url=http://www.pewinternet.org/report_display.asp?r=');--

5. http://www.verisignsecured.com/Redirect.aspx?http://www.weblogs.com/clickthru?url=http://www.weblogs.com/clickthru?url=http://www.weblogs.com/clickthru?url=http://www.google.com
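The fix for both link shapes above is the same: the redirect endpoint must validate the destination before following it. Added example (not the advisory's or Verisign's code) of such a check, covering the `?url=<target>` and bare `Redirect.aspx?<target>` forms and refusing chained redirects; the allowed hosts and endpoint paths are constructed for illustration.

```python
"""Added example (not the advisory's or Verisign's code): an allowlist check
for redirect parameters of the form ?url=<target> and Redirect.aspx?<target>.
The allowed hosts and endpoint paths below are constructed for illustration."""
from urllib.parse import unquote, urlsplit

# Constructed allowlist: the only hosts a redirect may send the user to.
ALLOWED_HOSTS = {"www.weblogs.com", "www.verisignsecured.com"}
# Paths of the redirect endpoints themselves; a target pointing back at one
# of these is a redirect chain (the "looping" case in the advisory).
REDIRECT_ENDPOINTS = {"/clickthru", "/Redirect.aspx"}


def redirect_target(request_url: str) -> str:
    """Pull the requested destination out of an incoming redirect request."""
    query = urlsplit(request_url).query
    for pair in query.split("&"):
        if pair.startswith("url="):          # clickthru?url=<target>
            return unquote(pair[len("url="):])
    return unquote(query)                    # Redirect.aspx?<target>


def is_safe_redirect(target: str) -> bool:
    """True only for a same-site relative path or an http(s) URL whose host
    is allowlisted and whose path is not itself another redirect endpoint."""
    if not target or target.startswith(("//", "/\\", "\\")):
        return False                         # scheme-relative / backslash forms
    parts = urlsplit(target)
    if parts.scheme and parts.scheme not in ("http", "https"):
        return False                         # non-web schemes
    if parts.netloc:
        if (parts.hostname or "") not in ALLOWED_HOSTS:
            return False                     # third-party destination
        return parts.path not in REDIRECT_ENDPOINTS
    return parts.path.startswith("/")        # relative path only


def check_request(request_url: str) -> bool:
    """Decide whether the redirect endpoint should follow this request."""
    return is_safe_redirect(redirect_target(request_url))


if __name__ == "__main__":
    # Constructed requests modelled on the advisory's two vulnerable forms.
    for url in (
        "http://www.weblogs.com/clickthru?url=/news/index.html",
        "http://www.verisignsecured.com/Redirect.aspx?http://www.weblogs.com/clickthru?url=http://www.unep.org/",
    ):
        print("allow" if check_request(url) else "block", url)
```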



Vendor Status : Reported.


Regards
Aditya K Sood
http://www.secniche.org



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


