Bugtraq mailing list archives

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous

From: Amit Klein <aksecurity () gmail com>
Date: Fri, 05 Jan 2007 20:16:49 +0200

RSnake wrote:

2. While thinking more about this solution, I observed that if theattacker can have an "agent" sharing the same IP address with thevictim (by agent I mean an entity that can communicate with thetarget web site and read back its response data), then the algorithmsI suggested will not be effective. Note that an attacker can share IPaddress with the victim when both share a forward proxy (e.g. someuniversities and ISPs), or when the attacker and victim share thesame machine (multi-user environment). Still, that narrows down theattack surface significantly.
It should be noted that this isn't as rare as just a few universities
and ISPs.  This also happens in lots of corporate networks (rogue user
on the internal network),  it happens with lots of internet cafe's, it
happens with AOL (~5MM users) and it happens with TOR users.  So while,
yes, I agree it is better than nothing it is hardly a rock solid
solution for anyone on a shared IP.

The point is - someone with shared IP is vulnerable ONLY to an attackerwith the same IP. Which makes attacks much less generic and much morepainful. Rock solid it ain't, but I think it's a pretty good band-aiduntil all (hmmm...) clients upgrade to Acrobat Reader 8.0.


-Amit

Current thread:

Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous, (continued)
- - - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Dave Ferguson (Jan 03)
    - Message not available
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous bugtraq (Jan 04)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Martin O'Neal (Jan 08)
    - Message not available
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous RSnake (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Brian Eaton (Jan 09)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Marvin Simkin (Jan 09)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Ralph Angenendt (Jan 10)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Guy Podjarny (Jan 08)
    - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Amit Klein (Jan 08)
    - RE: [WEB SECURITY] Universal XSS with PDF files: highly dangerous Tom Spector (Jan 09)
- Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous sven . vetsch (Jan 03)
  - Re: [WEB SECURITY] Universal XSS with PDF files: highly dangerous pdp (architect) (Jan 03)

(Thread continues...)