HSC Research Group -
Written by Hackers Center
Sunday, 24 December 2006 11:10
Hackers Center Security Group (http://www.hackerscenter.com)
Risk: Medium to High
Vendor: Yahoo, Paypal, Ebay & Microsoft
Desc: Multiple Cross site scripting vulnerabilities
Yahoo, Paypal, Ebay and Microsoft websites are vulnerable to cross site scripting vulnerabilities into
critical subdomains. It is possible to steal cookies simply forcing a victim to visit a crafted url.
Considering the many techniques an attacker can take advantage of to hide/embed the exploit in an email,
these kind of vulnerabilities in such big sites, should be taken into greater consideration.
Infact, The most interesting thing of our research was not the hole itself but they way it was (un)handled by the
respective security response teams.
This advisory is aimed at demonstrating the defects of nowadays systems of bug report used by the most
important and visited websites.
Yahoo, Paypal, Ebay and Microsoft were contacted the first time about 1 month ago (11/27). We sent a further email one week later.
Microsoft was the only to get back to us. But as of now they have fixed anything.
In our experience, Microsoft seems to have the fastest response center. This time only efficient one.
Yahoo XSS Pic: http://img379.imageshack.us/img379/6444/yahoonw5.png
Paypal XSS Pic: http://img186.imageshack.us/img186/8103/paypalqe7.png
Ebay XSS Pic: http://img291.imageshack.us/img291/2929/ebayll6.png
Microsoft XSS Pic: http://img382.imageshack.us/img382/9628/microxssxg7.png