Re: squirrelmail CSRF vulnerability

Board: Bugtraq, posted 2007/05/11 04:04 (message 2 of 5 in thread)
On Thu, 10 May 2007 p3rlhax@gmail.com wrote:

> IV. DETECTION
>
> Latest version of squirrel mail 1.4.8-4.fc6 and prior are found vulnerable.
>
> V. WORKAROUND
>
> I. Application should check for Referer Header in every post login request.

Referer headers can be forged via Flash, so it is not a good idea to rely on these for security.

> II. Application should use CSRF token which is random enough to identify every legitimate post login request.

According to: http://squirrelmail.org/security/issue/2006-12-02 version 1.4.8-4 is vulnerable to an XSS vulnerability, so an attacker could use the XSS vector to grab the session token ("CSRF token") and continue the CSRF attack.

--
- Josh
文章代碼(AID): #16Gthb00 (Bugtraq)
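The two workarounds quoted above and Josh's objection to them, modelled as an added example. This is illustrative Python, not SquirrelMail's PHP code and not anything from the original advisory; the session store, the `/compose` form, the `handle_post` and `referer_is_same_origin` functions and the two attacker routines are all constructed here. It shows a per-session random token that stops a plain cross-site forgery, a Referer check that a forged header walks straight past, and an XSS-style attacker that reads the token out of the victim's own page and replays it, which is exactly why an XSS in the same application undoes the CSRF token.

```python
"""Per-session CSRF tokens vs. Referer checks, and what a same-origin XSS does to them.
Illustrative model only (assumed names and layout), not SquirrelMail code."""
import hmac
import re
import secrets
from urllib.parse import urlsplit

# Assumed in-memory session store: session id -> {"user": ..., "csrf_token": ...}
SESSIONS = {}
SITE_ORIGIN = "https://mail.example.com"   # constructed origin for the Referer check


def login(user):
    """Create a session and mint an unguessable per-session CSRF token (workaround II)."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = {"user": user, "csrf_token": secrets.token_urlsafe(32)}
    return sid


def render_compose_form(sid):
    """Server side: the compose form carries the session's token as a hidden field."""
    tok = SESSIONS[sid]["csrf_token"]
    return ('<form method="post" action="/compose">'
            f'<input type="hidden" name="csrf_token" value="{tok}">'
            '<input name="to"><textarea name="body"></textarea></form>')


def referer_is_same_origin(headers):
    """Workaround I: accept only requests whose Referer is our own origin.
    The check itself is sound; the weakness is that the client controls the header."""
    ref = headers.get("Referer")
    if not ref:
        return False
    parts = urlsplit(ref)
    return f"{parts.scheme}://{parts.netloc}" == SITE_ORIGIN


def handle_post(sid, form):
    """Every post-login state-changing request must present the session's token.
    hmac.compare_digest avoids leaking the token byte by byte through timing."""
    sess = SESSIONS.get(sid)
    if sess is None:
        return (401, "no session")
    supplied = form.get("csrf_token", "")
    if not hmac.compare_digest(supplied, sess["csrf_token"]):
        return (403, "bad csrf token")
    return (200, f"mail sent as {sess['user']} to {form.get('to')}")


def cross_site_forgery(sid):
    """Classic CSRF: an attacker page makes the victim's browser submit the form.
    The browser attaches the session (sid) by itself, the attacker can set an
    arbitrary Referer, but cannot read the token, so the best they can do is guess."""
    forged_headers = {"Referer": SITE_ORIGIN + "/src/compose.php"}   # forged, passes check
    referer_ok = referer_is_same_origin(forged_headers)
    status, _ = handle_post(sid, {"to": "attacker@example.net",
                                  "body": "forwarded",
                                  "csrf_token": secrets.token_urlsafe(32)})  # a guess
    return referer_ok, status


def xss_assisted_forgery(sid):
    """Josh's point: script injected via an XSS runs in the application's origin,
    so it can read the victim's page, pull the hidden token out, and replay it."""
    page = render_compose_form(sid)                      # what the injected script can read
    tok = re.search(r'name="csrf_token" value="([^"]+)"', page).group(1)
    status, _ = handle_post(sid, {"to": "attacker@example.net",
                                  "body": "forwarded",
                                  "csrf_token": tok})
    return status


if __name__ == "__main__":
    sid = login("alice")
    print("legit post      :", handle_post(sid, {"to": "bob@example.com",
                                                  "csrf_token": SESSIONS[sid]["csrf_token"]}))
    print("plain CSRF      :", cross_site_forgery(sid))   # Referer forged OK, token rejected
    print("XSS-assisted    :", xss_assisted_forgery(sid)) # token stolen, request accepted
```

The token check holds up against the plain cross-site attempt even though the forged Referer sails through, which is the ordering the quoted advisory implies (token over Referer). Once an XSS gives the attacker code in the same origin, the token is readable like any other part of the page, so patching the XSS is a prerequisite for the CSRF token to mean anything.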