I really loved this quote:

"Special thanks to Blackboard Inc. The bad support for standards,
resulting in the inability to use the Blackboard Content System
in WebDAV mode with my Konqueror, inspired me to look for more
bugs." 

So true.  So true.

M!ke

-----Original Message-----
From: Jochem van Dieten [mailto:[EMAIL PROTECTED] 
Sent: Thursday, August 25, 2005 5:15 AM
To: CF-Community
Subject: Re: using AJAX to spy on users

As promised some details on the security vulnerability I recently found.
It concerned the Blackboard Content System where users could upload
files with scripting and then lure other users to those pages and hijack
their blackboard sessions and potentially steal their passwords using a
specially crafted XMLHTTP request:
https://listserv.surfnet.nl/scripts/wa.exe?A2=ind05&L=cert-bulletins&F=&S=&P=1115

The thing is, this is absolutely not new. I didn't invent it myself, it
comes straight from a whitepaper dated 2003-01-20: 
http://www.cgisecurity.com/whitehat-mirror/WhitePaper_screen.pdf


Blackboard has begun issuing a series of patches, but apart from
disabling TRACE it looks like they want to focus on filtering
javascript. It will be interesting to see if they can find javascript
better than I can hide it :)

Jochem
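
An added example, not part of the original message or of Blackboard's patches: a WSGI middleware that refuses TRACE and serves user-uploaded files so the browser downloads them instead of rendering them in the application's origin, which does not depend on finding script inside the file. The names `harden`, `demo_app`, `call` and the `/uploads/` prefix are assumptions made for illustration.

```python
UPLOAD_PREFIX = "/uploads/"  # assumption: path under which user uploads are served


def harden(app):
    """Wrap a WSGI app: refuse TRACE and make uploaded files inert in the browser."""
    def wrapped(environ, start_response):
        # TRACE echoes the request back, Cookie header included, so script
        # running in the page can read cookies it could not otherwise see.
        if environ.get("REQUEST_METHOD", "").upper() == "TRACE":
            start_response("405 Method Not Allowed",
                           [("Allow", "GET, HEAD, POST"), ("Content-Length", "0")])
            return [b""]

        is_upload = environ.get("PATH_INFO", "").startswith(UPLOAD_PREFIX)

        def start(status, headers, exc_info=None):
            if is_upload:
                # Replace whatever the inner app set for these three headers.
                drop = {"content-disposition", "x-content-type-options",
                        "content-security-policy"}
                headers = [(k, v) for k, v in headers if k.lower() not in drop]
                headers += [
                    ("Content-Disposition", "attachment"),    # download, do not render
                    ("X-Content-Type-Options", "nosniff"),    # no MIME sniffing to HTML
                    ("Content-Security-Policy", "sandbox"),   # no script if rendered anyway
                ]
            return start_response(status, headers, exc_info)

        return app(environ, start)
    return wrapped


def demo_app(environ, start_response):
    # Constructed stand-in for a file-serving app that returns an upload as HTML.
    start_response("200 OK", [("Content-Type", "text/html")])
    return [b"<html>user supplied</html>"]


def call(app, method, path):
    """Drive a WSGI app in-process and return (status, headers, body)."""
    seen = {}

    def start_response(status, headers, exc_info=None):
        seen["status"], seen["headers"] = status, dict(headers)

    body = b"".join(app({"REQUEST_METHOD": method, "PATH_INFO": path}, start_response))
    return seen["status"], seen["headers"], body
```

Marking the session cookie `HttpOnly` and serving uploads from a separate hostname are complementary controls that this sketch does not cover.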
