XSS in pubcookie
Pubcookie is open-source single sign-on software that allows access to multiple applications on multiple servers through a single interface. Pubcookie also happens to be vulnerable to cross-site scripting. (Mirrored at CERT.)
This reminds me a little of the exploit that came out about a year back where domains were not properly understood by browsers and someone was able to write cookies to the entire set of domains located at .co.uk, for instance. Single sign-on applications are particularly sensitive to attack because they control so many different sites’ access. It’s worth noting this if you are attempting to build a single sign-on application or something that uses credentials from one site on another. The rule of thumb is as follows: when using single sign-on, you are always at the mercy of the least secure of your applications that use it. You can quote me on that.
In this example the application itself was vulnerable, but the same principle applies more broadly: if you have two sites that share the same access credentials, one with good security and the other with bad security, then a hijack of the credentials at the insecure site puts both at risk of compromise. The weakest link definitely applies to SSO.