|
Microsoft Internet Explorer Cookie Path Attribute Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA13208
|
|
|
Release Date:
|
2004-11-17
|
|
Last Update:
|
2005-02-21
|
|
|
Critical:
|
Not critical
|
|
Impact:
|
Hijacking
|
|
Where:
|
From remote
|
|
Solution Status:
|
Partial Fix
|
|
| Software: | Microsoft Internet Explorer 6.x
|
| | CVE reference: | CVE-2004-1527 (Secunia mirror)
|
|
|
|
|
|
Description:
Keigo Yamazaki has reported a vulnerability in Internet Explorer, which potentially can be exploited by malicious people to conduct session fixation attacks.
The vulnerability is caused due to a validation error in the handling of the path attribute when accepting cookies. This can potentially be exploited by a malicious website, if the trusted site supports wildcard domains or the domain name contains the malicious sites domain, using a specially crafted path attribute to overwrite cookies for the trusted site.
The vulnerability has been reported in Internet Explorer 6.0 SP1 on Microsoft Windows XP SP1. Microsoft Windows XP SP2 is reportedly not affected.
Note: Successful exploitation also requires that the trusted site handles cookies and authentication in an inappropriate or insecure manner.
Solution:
Update to Windows XP SP2.
Disable cookies except when needed.
Provided and/or discovered by:
Keigo Yamazaki
Changelog:
2005-02-21: Added CVE reference.
Original Advisory:
http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/79_e.html
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
133 Related Secunia Security Advisories, displaying 10
|
|
|
1. Internet Explorer MHTML Protocol Handler Cross-Domain Information Disclosure
|
|
2. Internet Explorer Multiple Vulnerabilities
|
|
3. Internet Explorer 6 Window "location" Handling Vulnerability
|
|
4. Internet Explorer "substringData()" Memory Corruption Vulnerability
|
|
5. Internet Explorer "Print Table of Links" Cross-Zone Scripting
|
|
6. Internet Explorer HTTP Request Smuggling/Splitting Vulnerabilities
|
|
7. Internet Explorer FTP Command Injection Vulnerability
|
|
8. Microsoft Internet Explorer Multiple Vulnerabilities
|
|
9. Internet Explorer Multiple Code Execution Vulnerabilities
|
|
10. Microsoft Web Proxy Auto-Discovery Feature Security Issue
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
