FortKnox's Journal: Even Slashdcode has vulnerabilities

Check this out. Apparently, slashcode has a vulnerability that has been fixed. Jamie states that there will be an explanation today. Looking forward to it.

yup....

[jeffy124]

I got burned by it yesterday morning (thank god I was the only one in the lab).

Basically, trolls found a way to embed javascript into a post, using the onmouseover function. Run the mouse over a post (no-click req'd) with this and get about 10 new windows showing goatse's glory.

Other variations on this were changing all the links in the page to goatse, alert("You're now being redirected to one of out sponsors.") only to get goatse, infinite loops of goatse pop-ups. You get the idea.....

When I found this, I ran over to SourceForge and wrote up a bug report. During the time I wrote it up, they took slashdot offline or something, as I couldnt reach anything other than the front page after the doing the write up. I suspect they (Jamie, CmdrTaco, etc) found a problem and thought they were r00t3d (or got a ton of WTF emails) and decided to shut the servers down and investigate further. Maybe then they found wither my bug report, or others like it.

Jamie wrote in the report that they fixed the slashcode bug and have removed all the offending posts, citing the FAQ that they remove posts that contain bad HTML.

Re:yup....

[Jucius Maximus]

"Basically, trolls found a way to embed javascript into a post, using the onmouseover function. Run the mouse over a post (no-click req'd) with this and get about 10 new windows showing goatse's glory."

Stuff like this is one reason why I always browse with images turned OFF when at the office.

Re:yup....

[phyxeld]

So, theres an exploit where you can run javascript code "from" slashdot.org... and can read slashdot cookies... and the best exploit was a goatse popup? I would think someone would have taken advantage of this and, oh, harvested some fucking passwords or something. Or fucked with people's slashdot preferences. Or SOMETHING. But, no, the uncreative troll community just puts up a goatse popup. *sigh* (correct me if i'm wrong here..)

Stuff like this is one reason why I always browse with images turned OFF when at the office.

HA! Thats so fucking stupid I'm not even going to start...

Re:yup....

[Jucius Maximus]

"HA! Thats so fucking stupid I'm not even going to start..."

I agree but I am forced to use only MSIE 5 / Outlook97 and cannot install other software or even apply security patches. Because of this, I turn of all scripting as well. It's my only defence. At home I have better solutions like Moz and Konq.(Yeah I turn them on of they are really needed to browse.)

Re:yup....

[The Turd Report]

citing the FAQ that they remove posts that contain bad HTML

So, why isn't the front page blank? ;)

Re:yup....

[jeffy124]

lol.... with all the times they screw up links or forget the http://, I'm surprised the front page isn't missing more often.

The Silence Gets Us Nowhere Way Too Fast...

[dthable]

Sorry to rip off the lyrics of a song, but it's so damn true. While Microsoft is patching bugs the /. community driven by the editors flames them and expresses outrage that the truth isn't disclosed to the end users. So what do you call the last few weeks?

The bug in Apache, the OpenSSH flaw, and now the /. bad HTML bug. Each time the public talks about it we get responses similar to jamie's response...."We'll, everyone needs to give us time to fix it and then they can talk about it or draw conclusions about the nature of the bug.". I only have one message for all of these people....WTF.

Everyone expects to bash the evil world of commercial software and Microsoft, yet when they get caught with their pants down it's a different story. Everyone is still waiting on the response from the /. team and more importantly, who it affects. Why is this so hard to produce from these teams? For now, I expect that the /. editors won't be bashing Micrsofot for let those free from sin cast the first stone.