[Full-disclosure] OWASP LiveCD Vulnerabilities

************************** bloSOFT **************************
Super Wowzer Hacker Team - Professional Vulnerability Assessments

BLOsoft Research Team
Base Level Ops Securing Otherwise Fscked Tech!

If you intend on pimping this advisory on your Geocities web page please
create a clickable link back to our uberhawtness security page and include
annoying use of the <blink> tag

For more information about Hacking finger condor @well.com

[Advisory Information]
Contact : Brigette DéFaveur
Advisory ID : BLOSOFT-20090521
Product Name : WebGoat
Product Version : All versions
Vendor Name : OWASP
Type of Vulnerability : Multiple
Impact : Extremely Critical, like wtf critical
Vendor Notified : 20090521

[Product Description]
"The Open Web Application Security Project (OWASP) is a worldwide free and
open community focused on improving the security of application software.
Our mission is to make application security visible, so that people and
organizations can make informed decisions about true application security

Taken From:

[Technical Summary]
Webgoat is vulnerable to the following attacks:

Cross-site Scripting (XSS)
Access Control
Hidden Form Field Manipulation
Parameter Manipulation
Session Cookies
SQL Injection

While performing our advanced superwowzer hackerfying analysis we discovered
that WebGoat is vulnerable to dozens if not billions of attacks if they
were attacked by attackers.

[Impact varies from installation to installation]

- Cookie stealing
- Cookie harassing
- Cookie tampering
- Tampering of harassed cookie
- Harassing the thief tampering with cookies
- High level advanced SQL injection (' or 1=1-- )
- High level super advanced XSS <b onmouseover=alert('bloSOFT')>OMFG</b>
- Improper sanitization of the blink tag

[Proof Of Concept]
Download WebGoat and you too can see the trillions of exploits affecting
this software. We will not pollute the www with another useless filth of
a program designed to assist in the manipulation of security

[Vendor Status and Chronology]

Current Vendor Status: OWASP has too many members that don't matter.

05/21/2009 07:11:57 AM EST - Vulnerabilities Discovered
05/21/2009 07:11:59 AM EST - Vendor Notified
05/21/2009 07:12:18 AM EST - Requested vendor feedback via email
05/21/2009 07:13:23 AM EST - No response from vendor
05/21/2009 07:13:28 AM EST - Began advisory release process

Leave Britney alone

bloSOFT assumes no liability for the use of the information provided in
this disclosure. This advisory was released in an effort to prove our
worthiness to the I.T. community. Although we may at times attempt to
extort or blackmail companies in order to comply with our view of how
security should be, we make no intelligent assumptions or decisions in
releasing our security advisories.

bloSOFT is focused on the core commitment to provide the whole wide world
with security designs and solutions that fit. Our team consists of expert
level engineers with an array of experience ranging from eggdrop shells,
running nmap, re-hashing advisories and securitizing maximized potential
designs with actionable digital intelligence catering to the professional
hackers. Should you wish to place us at the top of "security review" by
using an alias please do so. Although we might not be as elite as other
companies like Netragard, bear in mind, even ImmunitySec isn't as elite
or as talented as Netragard.


Simone Smithereen - we wub you oh grand masteress
Kevin Finkelstein - we be done havin yo back slap mah fro
Adrien DéFaveur - my brother, I know you didn't blackmail HP!

All the rest - all the best

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/