Bugtraq mailing list archives

[CSS] Cross Site Scripting in the translation and infoplease services of lycos.com possible


From: <tsr () it-checkpoint net>
Date: Thu, 14 Mar 2002 15:15:29 +0100

 

-------------------------------------------------------------
itcp advisory 4 advisories () it-checkpoint net
http://www.it-checkpoint.net/advisory/4.html
March 14th, 2002
-------------------------------------------------------------



translation.lycos.com and infoplease.lycos.com allow Cross Site Scripting
--------------------------

Affected program: -
Vendor: Lycos.com
Vulnerability-Class: Cross Site Scripting (CSS)
OS specific: No
Problem-Type: remote




SUMMARY

Cross Site Scripting in the translation and infoplease services of
lycos.com possible




DETAILS

The translation and infoplease services of lycos.com do not check
for hostile input, so an attacker is able to steal cookies.

Bug analysis: Missing filters for characters like "<" or ">"



Impact: Stealing of cookies possible



Exploit:

The only thing you have to do is enter some HTML code in the textbox
or just click on the following links:


translation.lycos.com:
http://translation.lycos.com/?urltext=<script>alert(document.cookie)</script>&lp=en_de&partner=demo-Lycos2-en

--------------

infoplease.lycos.com:
http://www.infoplease.lycos.com/search.php3?in=dictionary&query=</title><script>alert(document.cookie)</script>


Solution: Implement a filter which filters dangerous characters,
especially "<" and ">"



ADDITIONAL INFORMATION
Vendor has been contacted.




-------------------------------------------------------
tSR <tsr () it-checkpoint net>
Member of:
http://www.IT-Checkpoint.net

We work for your security


-----------------------
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty
of any kind.
In no event shall we be liable for any damages whatsoever including
direct, indirect, incidental, consequential, loss of business profits
or special damages.

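Added example, not part of the original advisory or of any Lycos code: a Python sketch of the filter the Solution asks for, run against the infoplease proof-of-concept value from the advisory. The page template in render(), the input field and the benign search term are assumptions; the example goes beyond the advisory by comparing removal of "<" and ">" with HTML-encoding on output, which also covers quotes inside attribute values.

```python
import html
from html.parser import HTMLParser

# QUERY is the value from the advisory's infoplease URL; BENIGN is a
# constructed, harmless search term that happens to contain a double quote.
QUERY = "</title><script>alert(document.cookie)</script>"
BENIGN = '5" monitor'

def strip_angle_brackets(value):
    """The filter the advisory proposes: remove '<' and '>' only."""
    return value.replace("<", "").replace(">", "")

def render(value, encode):
    """Hypothetical page reflecting `value` into <title> and an attribute."""
    shown = encode(value)
    return ("<html><head><title>Results for " + shown + "</title></head>"
            '<body><input name="query" value="' + shown + '"></body></html>')

class _Tags(HTMLParser):
    """Collects (tag, attrs) for every start tag the parser recognises."""
    def __init__(self):
        super().__init__()
        self.seen = []

    def handle_starttag(self, tag, attrs):
        self.seen.append((tag, dict(attrs)))

def inspect_page(page):
    """Return (number of <script> elements, value attribute of the input)."""
    parser = _Tags()
    parser.feed(page)
    parser.close()
    scripts = sum(1 for tag, _ in parser.seen if tag == "script")
    values = [a.get("value") for tag, a in parser.seen if tag == "input"]
    return scripts, (values[0] if values else None)

def report():
    """Compare raw reflection, bracket stripping and output encoding."""
    rows = []
    for value in (QUERY, BENIGN):
        for name, enc in (("raw", str), ("strip", strip_angle_brackets),
                          ("escape", html.escape)):
            scripts, reflected = inspect_page(render(value, enc))
            # Last field: did the user's input survive intact as data?
            rows.append((name, value, scripts, reflected == value))
    return rows

if __name__ == "__main__":
    for row in report():
        print(row)
```

Stripping the two characters stops the script element but alters the input and leaves the quote in the benign term free to end the attribute early; encoding on output keeps both values intact as text.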

