Cross-site cooking

From Wikipedia, the free encyclopedia
In cross-site cooking, the attacker uses a bug in the browser to get an incorrect cookie sent to the server.

Cross-site cooking is a kind of browser exploit (i.e. the exploitation of a bug in a browser) that allows an attacker to make the browser set a cookie for the domain of another server.

Cross-site cooking can be used to mount session fixation attacks: the attacker could use such a program error to fix the session ID carried in the cookie.

Another attack scenario is also possible: an attacker could know about a security hole in a server that can be exploited by means of a cookie. If exploiting this vulnerability requires an administrator password, for example, cross-site cooking could be abused to make an innocent user inadvertently carry out the attack.

Cross-site cooking is basically similar to cross-site scripting, cross-site request forgery, cross-site tracing, cross-zone scripting and others, because all of these exploits work by transferring data or code between different websites (in some cases between email or chat messages and websites). Only the logical security boundaries enforced by the browser prevent websites from stealing or damaging one another's data. This is where bug exploitations such as cross-site cooking come into play: they move data or code across these logical security boundaries.
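The boundary described above is, for cookies, the check a browser applies to the Domain attribute of a Set-Cookie header before storing the cookie; cross-site cooking bugs are cases where that check is looser than it should be. The following added example (not code from the article or from Zalewski's work) implements the intended check: a response may only scope a cookie to a domain the responding host belongs to, and never to a public suffix. The public-suffix set is a constructed, deliberately tiny stand-in for the real Public Suffix List, and the domain-match rule follows RFC 6265.

```python
from typing import Optional

# Constructed stand-in for the Public Suffix List (assumption, not the real list).
PUBLIC_SUFFIXES = {"com", "org", "uk", "co.uk", "github.io"}


def canonical(host: str) -> str:
    """Lower-case and strip a leading dot, as browsers do with Domain=."""
    return host.strip().lower().lstrip(".")


def domain_matches(request_host: str, cookie_domain: str) -> bool:
    """RFC 6265 domain-match: equal, or host is a sub-label of the domain.

    An IPv4 literal never domain-matches a shorter suffix such as '0.0.1'.
    """
    h, d = canonical(request_host), canonical(cookie_domain)
    if h == d:
        return True
    if h.replace(".", "").isdigit():
        return False
    return h.endswith("." + d)


def may_set_cookie_for(request_host: str, cookie_domain: str) -> bool:
    """True only if a response from request_host may scope a cookie to cookie_domain.

    Rejects a public suffix (the cookie would be shared by every site under it)
    and any domain the host does not belong to (another server's domain).
    """
    d = canonical(cookie_domain)
    if not d or d in PUBLIC_SUFFIXES:
        return False
    return domain_matches(request_host, d)


def domain_attribute(set_cookie: str) -> Optional[str]:
    """Extract the Domain= attribute of a Set-Cookie header value, or None."""
    for part in set_cookie.split(";")[1:]:
        name, _, value = part.strip().partition("=")
        if name.lower() == "domain":
            return value.strip()
    return None


def accept_set_cookie(request_host: str, set_cookie: str) -> bool:
    """Decide whether a Set-Cookie header received from request_host may be stored."""
    domain = domain_attribute(set_cookie)
    if domain is None:  # no Domain=: host-only cookie, scoped to request_host itself
        return True
    return may_set_cookie_for(request_host, domain)
```

A browser that answers True for a Domain it should reject (for instance a public suffix, or a domain the responding host is not part of) exhibits exactly the class of bug cross-site cooking relies on.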

Origin

The name and concept of cross-site cooking were not first coined by Michal Zalewski, a Polish security expert, but were in use much earlier. The name combines "cross-site" and "cookie" to make the principle clear; it may also have been chosen deliberately to sound funny.

Known, unresolved security vulnerabilities of this kind have existed in browsers for 8 years, with no solution in sight. In his 2006 article, Michal Zalewski attributed the discovery to Benjamin Franz, who in May 1998 reported a security risk related to the "domain of the cookie" to providers of web services. Benjamin Franz published this vulnerability and saw it mainly as a way to bypass privacy (data protection) mechanisms in widely used browsers. Michal Zalewski concluded that the bug was still present (unfixed) in some browsers 8 years later and could be used for cross-site cooking. Zalewski and others, however, made comments such as "vendors [...] are certainly not in a hurry to fix this", that is, browser manufacturers see no reason to solve the problem quickly.

References

  1. Website of Benjamin Franz (memento of January 29, 1999 in the web archive archive.today), accessed on August 17, 2011.

External links

  • Cross Site Cooking, article by Michal Zalewski. Describes the concept and three bugs that make cross-site cooking possible; one of them is the bug that Benjamin Franz discovered.