CyberInsecure.com

Daily cyber threats and internet security news: network security, online safety and latest security alerts
April 15th, 2008

Google Fixes Cookie Stealing Vulnerability

Security researchers have unpicked a flaw in Google spreadsheets that allows cookie stealing. The cross-site scripting vulnerability enables attackers to use stolen cookies to access any Google service a user has registered, including accessing a victim’s Google mail account. Google has now plugged the vulnerability, discovered by security researcher Billy Rios. A Google cookie is valid across all its sub domains, a convenience factor that greatly enhances the potential for mischief.

This particular XSS vulnerability on Google’s domain takes advantage of how IE determines the content type of the HTTP response being returned by the server. Other browsers have problems in handling content-type headers properly, but this vulnerability is limited to IE.

Rios created a spreadsheet which contained HTML and a string of JavaScript code for viewing a user’s cookie. He then saved this spreadsheet and generated a link for the spreadsheet to be served as a text-based CSV file, which IE mistakenly interprets as HTML.

Anyone viewing this doctored spreadsheet would hand over their cookies to Rios, or potentially an attacker. Fortunately, Google has now rendered crafted table content as text rather than HTML.

Email, Bookmark or Share:
  • E-mail this story to a friend!
  • Digg
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Technorati
  • Slashdot
  • Propeller
  • Google
  • Live
  • YahooMyWeb
  • TwitThis
  • Facebook
  • LinkedIn

More on CyberInsecure:
  • Browser Protocol Weakness Allows Theft/Poisoning Of Website Credentials
  • WordPress Cookie Integrity Protection Allows Unauthorized Access
  • Cross-Domain Vulnerability In Microsoft Internet Explorer 6
  • Patch For Android Security Flaw Released By Google And T-Mobile
  • Cross-site Scripting Vulnerability On Yahoo’s HotJobs Site Exposes Yahoo Accounts

    • Posted in Google, Vulnerabilities | Print This Post Print This Post

    This entry was posted on Tuesday, April 15th, 2008 at 10:53 am and is filed under Google, Vulnerabilities. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

    If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: Google Fixes Cookie Stealing Vulnerability

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    *
    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.

    « « High Success Rate Breaking Hotmail CAPTCHAs
    Williamsville Central School District Employees Data Stolen By Students » »