Bug#268016: [CAN-2004-0746] Konqueror Cross-Domain Cookie Injection

To: submit@bugs.debian.org
Subject: Bug#268016: [CAN-2004-0746] Konqueror Cross-Domain Cookie Injection
From: Martin Schulze <joey@infodrom.org>
Date: Wed, 25 Aug 2004 16:54:03 +0200
Message-id: <[🔎] 20040825145403.GF6910@finlandia.infodrom.north.de>
Reply-to: Martin Schulze <joey@infodrom.org>, 268016@bugs.debian.org

Package: konqueror
Version: 3.2.3-1
Severity: grave
Tags: security upstream sarge

        Web sites operating under the affected domains can set HTTP
        cookies in such a way that the Konqueror web browser will send them
        to all other web sites operating under the same domain.
        A malicious website can use this as part of a session fixation
        attack. See e.g. http://www.acros.si/papers/session_fixation.pdf

        Affected are all country specific secondary top level domains that
        use more than 2 characters in the secondary part of the domain name
        and that use a secondary part other than com, net, mil, org, gov,
        edu or int. Examples of affected domains are .ltd.uk, .plc.uk and
        .firm.in

        KDE versions up to KDE 3.2.3 inclusive. KDE 3.3 is not affected.

There is 3.2.3-1 in sid for some architectures, but they will probably
replaced soon by 3.3.0-1 which is said to be not vulnerable.

Regards,

	Joey

-- 
There are lies, statistics and benchmarks.

Please always Cc to me when replying to me on the lists.

Reply to:

Follow-Ups:
- Bug#268016: [CAN-2004-0746] Konqueror Cross-Domain Cookie Injection
  - From: Ben Burton <bab@debian.org>

Prev by Date: Bug#265473: KDE 3.3
Next by Date: Bug#268016: [CAN-2004-0746] Konqueror Cross-Domain Cookie Injection
Previous by thread: Bug#265473: KDE 3.3
Next by thread: Bug#268016: [CAN-2004-0746] Konqueror Cross-Domain Cookie Injection
Index(es):
- Date
- Thread