Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords Nov 22 2006 09:57AM
fash1on gmail com (1 replies)
Re: Big Flaw in Firefox 2: Password Manager Bug Exposes Passwords Nov 23 2006 04:04PM
3APA3A (3APA3A SECURITY NNOV RU)
Dear fash1on (at) gmail (dot) com [email concealed],

It looks like in order to exploit this, attacker must be able to insert
form in content of exploited site. That is, to exploit this
vulnerability, e.g. crossite scripting vulnerability is required. In
this case, this is a flow, but not so big one. Is it so, or I miss
something?

--Wednesday, November 22, 2006, 12:57:43 PM, you wrote to bugtraq (at) securityfocus (dot) com [email concealed]:

fgc> "Today, Mozilla made public bug #360493, which exposes
fgc> Firefox's Password Manager on many public sites. The flaw derives
fgc> from Firefox's willingness to supply the username and password
fgc> stored on one page on a domain to another page on a domain. For
fgc> example, username/password input tags on a Myspace user's site will
fgc> be unhelpfully propagated with the visitor's Myspace.com
fgc> credentials. It was first discovered in the wild by Netcraft on
fgc> Oct. 27. As this proof-of-concept illustrates, because the
fgc> username/password fields need not be visible on the page, your
fgc> password can be stolen in an almost completely transparent fashion.
fgc> PoC here: http://www.info-svc.com/news/11-21-2006/rcsr1/

--
~/ZARAZA
Ïî÷òåííûå èñêîïàåìûå! Æäó îò âàñ äàëüíåéøèõ ïèñåì. (Òâåí)

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus