Bugtraq mailing list archives

Security Flaw in Cookies Implementation

From: oliver () LINEHAM CO NZ (Oliver Lineham)
Date: Thu, 24 Dec 1998 11:09:19 +1300


I have discovered what I beleive to be a flaw in the implementation of
cookies, that allows for possible security implications.

Products affected appear to include EVERY VERSION of Navigator that support
cookies, and EVERY VERSION of Internet Explorer that support cookies.

For a detailed explanation and analysis, please visit
http://www.paradise.net.nz/~glineham/cookiemonster.html immediately.
This site also contains a working demonstration.

The problem relates to the restrictions applied to domains outside the
united states, and how many dots they must contain.

The site contains a full analysis of the problem, and has a working
demonstration.

Regards,

Oliver Lineham

---------------------------------------------------
Internet Services / Webdesign / Strategic Planning
PO Box 30-481, Lower Hutt, NZ  oliver () lineham co nz
Phone +64 4 566-0627       Facsimile +64 4 570-1900

Current thread:

Re: New perl module Net::RawIP, (continued)
- - - Re: New perl module Net::RawIP route () RESENTMENT INFONEXUS COM (Dec 22)
    - [SecureXpert Labs Advisory SX-98.12.23-01] Widespread DoS Richard Reiner (Dec 23)
    - Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Updated) Anonymous (Dec 23)
    - Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Casper Dik (Dec 24)
    - Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Dima Volodin (Dec 25)
    - Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Lamont Granquist (Dec 28)
    - Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Igor Schein (Dec 28)
    - Re: Merry Christmas to Sun! (Was: L0pht NFR N-Code Modules Casper Dik (Dec 28)
    - A few more fingerprinting techniques - time and netmask David G. Andersen (Dec 28)
    - Microsoft Security Bulletin (MS98-020) aleph1 () UNDERGROUND ORG (Dec 23)
    - Security Flaw in Cookies Implementation Oliver Lineham (Dec 23)
    - Re: Why you should avoid world-writable directories Gonzo Granzeau (Dec 22)
    - Re: Why you should avoid world-writable directories Kragen Sitaker (Dec 22)
  - CERT Advisory CA-98.13 - TCP/IP Denial of Service aleph1 () UNDERGROUND ORG (Dec 21)
- Re: Verifying file data integrity using L6 der Mouse (Dec 22)
- Re: Verifying file data integrity using L6 Jim Dennis (Dec 24)