--- [EMAIL PROTECTED] wrote: > To give some details: > > I am unable to re-produce a CSRF attack when the victim is > using a I.E. 6.01 SP1 (all patches applied). However the > attack works in Mozilla and other older browsers. > > I can't give you the exact code for attack (for security > reasons), but it is similar to the following: > > If you insert the following HTML code in "any" web page > residing at any domain, it will cause you to be logged out of > /. if you previously logged in the /. system: > <img src="http://slashdot.org/my/logout" height="1" width="1"> > > This type of attack makes use of CSRF. > > Try to insert the above HTML line a web page of your choice, > and then load the web page. If you are using Mozilla, it will > log you off from /. However in the latest build of I.E. it > doesn't work, whereas it should work.
Very nice description of what you've been observing. I still find it impossible to believe that the HTTP requests for http://slashdot.org/my/logout sent from Mozilla and IE are identical. :-) Can you show us the exact requests that you logged? Chris ===== Chris Shiflett - http://shiflett.org/ PHP Security - O'Reilly Coming Fall 2004 HTTP Developer's Handbook - Sams http://httphandbook.org/ PHP Community Site http://phpcommunity.org/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php