Yahoo! statistics function cross-site scripting vulnerability - vulnerability warning - the black bar safety net

2008-06-20T00:00:00
ID MYHACK58:62200819420
Type myhack58
Reporter Anonymous
Modified 2008-06-20T00:00:00

Description

Source: 80sec

Vulnerability description: The Yahoo statistics function is widely used for site access statistics and for various kinds of data analysis, such as access sources and per-client page access statistics; details are available at http://tongjia.yahoo.cn. 80sec found that this feature has a serious vulnerability that can lead to user information being stolen, and that may allow an attacker to take over the user's Yahoo ID and enter other services, including mail.yahoo.cn.

Vulnerability cause: the Yahoo statistics function does not apply the necessary filtering to the parameters submitted by users, so a malicious user can submit carefully constructed data that is stored and displayed in the control panel backend. For example, the access address information is written to the backend unfiltered, which results in a cross-site scripting vulnerability. In addition, because Yahoo's user authentication information lacks the necessary protection, a malicious user can obtain sensitive information and then, by exploiting defects in Yahoo's authentication mechanism, use the victim's identity to enter other services such as mail.yahoo.cn.

Vulnerability test: on a site that uses the Yahoo statistics function, visit the following address:

http://www.foosite.com/index.php?"><script>alert(.)</script>

Then, in the page analysis view of that site's Yahoo statistics control panel, the trigger effect can be seen. By injecting malicious JavaScript, an attacker can obtain the webmaster's identity and carry out other dangerous operations. 80sec has tested this successfully.
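As an added illustration, not code from the advisory or from Yahoo's statistics service, the Python snippet below models the control panel rendering a recorded access address into a link. The vulnerable version inserts the visitor-controlled address verbatim (the leading quote closes the href attribute, exactly the pattern of the test address above); the fixed version HTML-escapes the value for its context and refuses non-http(s) link targets. The sample URL and function names are constructed for this example.

```python
import html
from urllib.parse import urlsplit

# Constructed sample of what a visitor's browser could report as the
# "access address" of the monitored site, mirroring the advisory's test URL.
VISITED_URL = 'http://www.foosite.com/index.php?"><script>alert(1)</script>'


def render_row_vulnerable(url: str) -> str:
    """Builds the control-panel table cell the way the advisory describes:
    the reported address is inserted verbatim. The '"' in the sample closes
    the href attribute and the remainder becomes live markup."""
    return f'<td><a href="{url}">{url}</a></td>'


def safe_href(url: str) -> str:
    """Only http(s) addresses may become navigable links; anything else
    (javascript:, data:, ...) is replaced by a non-navigating '#'."""
    scheme = urlsplit(url).scheme.lower()
    return url if scheme in ("http", "https") else "#"


def render_row_fixed(url: str) -> str:
    """Same cell, but every untrusted value is escaped for its HTML context.
    quote=True also encodes '"' so the attribute cannot be closed early."""
    href = html.escape(safe_href(url), quote=True)
    text = html.escape(url, quote=True)
    return f'<td><a href="{href}">{text}</a></td>'


def contains_raw_script(fragment: str) -> bool:
    """Detection helper for tests or log review: a rendered fragment built
    from visitor-controlled data should never contain a literal <script> tag."""
    return "<script" in fragment.lower()


if __name__ == "__main__":
    print(render_row_vulnerable(VISITED_URL))
    print(render_row_fixed(VISITED_URL))
```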

Bug fix: the vendor has fixed the vulnerability.

Vulnerability status:
6.13 80sec discovered the vulnerability
6.13 80sec submitted it to the vendor
6.16 the vendor fixed the vulnerability
6.18 bulletin issued