A months-old cross-site scripting (XSS) vulnerability affecting the website for the Pentagon was brought to light again this week when a researcher posted two attack scenarios.

The researcher, using the alias "Ne0h", found the vulnerability on the Pentagon's Tours' page and posted two proof-of-concept scripts.

None of the exploits, however, could lead to any sensitive Pentagon data being compromised because the site is only used to provide information on visiting the headquarters of the US Department of Defense, according to a post on security blog Praetorian Prefect. However, a successful attack could harm users visiting the site.

Users could fall victim to other IFRAME or JavaScript injection, according to the blog. The vulnerability, related to weak validation on the site's photo album application, dates back to last spring when it was posted to XSS.com, a vulnerability clearinghouse.

"If not patched, the Pentagon website may be used as part of other web-based attacks via redirection using URLs sent to a user that appear to be from the Pentagon website," he said. "This type of XSS vulnerability, a reflected XSS vulnerability, is fairly common in web applications. A high-profile site such as that of the Pentagon should close it out."

A Department of Defense spokesperson did not respond to a request for comment.

In addition, Mike Bailey, a senior security researcher at Foreground Security, which provides penetration testing services and security auditing, said the bug could have wider impacts due to the contradictory way that cookies and the domain name system (DNS) act. A vulnerability on one website subdomain can be used to attack the main production domain -- in this case, osd.mil -- or another subdomain, which may contain more confidential information than the Pentagon site does.

"There's not really anything to exploit on that domain, unless you want to force someone to book a tour at the Pentagon," Bailey told SCMagazineUS.com. "It's not until you look at how this may affect other osd.mil websites that things get interesting. As small and trivial and common as this vulnerability is, it really can have a far-reaching effect."

He said the osd.mil domain contains thousands of subdomains. XSS attacks generally are not used to infect users with malware but to expose sensitive data for hackers to steal.

"It's to make the user attack the server for you and take information for [the attacker]," Bailey said. "It exploits whatever trust the server may have in your browser."

See original article on scmagazineus.com
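The cookie-scoping behaviour behind Bailey's point about subdomains, as an added example that is not from the article or the researchers: it audits `Set-Cookie` headers to find cookies one host issues that script on a sibling subdomain could read. The hostnames under `example.test`, the cookie names and values, and the function names are all constructed for illustration.

```javascript
// Added example: hostnames, cookie names and values below are constructed.

// RFC 6265 section 5.1.3 domain-match: a cookie scoped to a parent domain
// is in scope for that domain and every subdomain beneath it.
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, "");
  return h === d || h.endsWith("." + d);
}

// Parse one Set-Cookie header value issued by originHost.
function parseSetCookie(header, originHost) {
  const [pair, ...attrs] = header.split(";").map((s) => s.trim());
  const cookie = {
    name: pair.slice(0, pair.indexOf("=")),
    domain: originHost.toLowerCase(), // no Domain attribute => host-only
    hostOnly: true,
    httpOnly: false,
  };
  for (const attr of attrs) {
    const [key, value = ""] = attr.split("=").map((s) => s.trim());
    if (key.toLowerCase() === "domain" && value) {
      cookie.domain = value.replace(/^\./, "").toLowerCase();
      cookie.hostOnly = false;
    } else if (key.toLowerCase() === "httponly") {
      cookie.httpOnly = true;
    }
  }
  return cookie;
}

// Names of cookies that script running on otherHost could read through
// document.cookie. HttpOnly hides a cookie from script but the browser still
// attaches it to requests, so host-only scope (no Domain) is the stronger control.
function readableFrom(otherHost, originHost, setCookieHeaders) {
  return setCookieHeaders
    .map((h) => parseSetCookie(h, originHost))
    .filter((c) => !c.httpOnly)
    .filter((c) => c.hostOnly
      ? otherHost.toLowerCase() === c.domain
      : domainMatches(otherHost, c.domain))
    .map((c) => c.name);
}

const SAMPLE_HEADERS = [ // constructed headers from a hypothetical portal host
  "session=abc123; Domain=example.test; Path=/",
  "portal_auth=xyz789; Domain=example.test; Path=/; HttpOnly; Secure",
  "prefs=dark; Path=/",
];
console.log(readableFrom("tours.example.test", "portal.example.test", SAMPLE_HEADERS));
```

Only the parent-scoped cookie without `HttpOnly` is reported for the sibling host; the host-only `prefs` cookie never leaves the host that set it.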