Cross-Site-Cooking

Cross-Site Cooking is a kind of browser exploit (German: exploiting a bug in a browser) to set which allows an attacker to set a cookie for the domain of another server in the browser.

Cross-Site Cooking can be exploited to exercise session fixation attacks. The attacker may leave the session ID solidify in the cookie using such a program error.

Another attack scenario is also possible: An attacker may know of a vulnerability in a server, which is exploitable by use of a cookie. But if this vulnerability requires, for example, an administrator password, Cross-Site Cooking could be abused to use an innocent user to unintended executing an attack.

Cross-site cooking is similar in principle to cross-site scripting, cross-site request forgery, cross-site tracing, cross-zone scripting and other things because all these ratios of vulnerabilities operate through transmission of data or code between different sites (in some cases also between E-Mail-/Chat-Nachrichten and websites ). Only browser side given to prevent logical security boundaries that websites steal data or damage each other. At this point, put on such Bugausnutzungen as the cross-site cooking, to move data or code on this logical security boundaries.

Origin

The name and the concept of cross-site cooking was influenced not only by Michal Zalewski, a Polish security experts, but was used much earlier. The name is a combination of cross-site (, cross-page ') and cookie to illustrate the principle. Maybe the name has been chosen also intends funny.

Unresolved, known security vulnerabilities in browsers there for 8 years and there is no solution in sight. In Michal Zalewski's article from 2006 Benjamin Franz was attributed to the discovery. This reported in the May 1998 on a dependent of the domain of the cookie security risk for providers of Web services. Benjamin Franz published this vulnerability and saw them mainly as a way to to circumvent data protection mechanisms in widely used browsers. Michal Zalewski came to the conclusion that the bug also was only 8 years later in some browsers available ( unresolved ) and could be exploited for cross-site cooking. Zalewski and others made, however, a few remarks as "vendors [ ... ] Certainly are not in a hurry to fix this " (engl.: " (browser ) manufacturers see no reason this problem quickly resolve ").