Re: Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12
From: Nicolas Gregoire <ngregoire@xxxxxxxxxxxx>
Date: Sat, 05 Feb 2005 11:49:06 +0100
In-reply-to: <90d6eea4e8f0b3216d26c631c3526f73@xxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: Exaprobe
References: <90d6eea4e8f0b3216d26c631c3526f73@xxxxxxx>

Le vendredi 04 février 2005 à 06:10 -0600, Jonathan Rockway a écrit :

> https://tigger.uic.edu/htbin/perlwrap-auth/jrockw2/safari_test.pl

An other test page is located here :
http://nicob.net/cgi-bin/content-type.cgi

> The security problem is that servers serving HTML may be taking 
> measures to prevent XSS attacks; i.e. they convert < to &lt;.  These 
> servers, when serving plain text, may not do this (because it is 
> unnecessary and undesirable)

Some Oracle webapps are doing exactly that : sending content with a
text/html content-type and not bothering to escape HTML or JavaScript
tags. 

-- 
Nicolas Gregoire ----- Consultant en Sécurité des Systèmes d'Information
ngregoire@xxxxxxxxxxxx ------[ ExaProbe ]------ http://www.exaprobe.com/
PGP KeyID:CA61B44F  FingerPrint:1CC647FF1A55664BA2D2AFDACA6A21DACA61B44F

References:
- Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12
  - From: Jonathan Rockway

Prev by Date: Webroot Software Resigns from COAST
Next by Date: Re: Wireless networks/Default Admin username security problem in Croatia
Previous by thread: Input Validation Vulnerability in Apple Safari version 1.2.4 v125.12
Next by thread: [SECURITY] [DSA 667-1] New squid packages fix several vulnerabilities
Index(es):
- Date
- Thread