* Eddy Nigg: > On 04/04/2010 05:11 PM, Florian Weimer: >> This is factually incorrect. The victim client might still send >> authentication data to the server which ends up in a different context >> (because the attacker has preloaded a crafted message prefix into the >> server), where it is accessible to the attacker and can later be used >> to impersonante the victim client. >> > > The data is not available to the attacker, but to the server, which > lets the server believe this is the legitimate client from the > preceding request.
Yes, and submitted data might be processed in the context of the previous client (the attacker's). That means the attacker might get improper access to it because it is associated with their account. (Think cookies ending up in POST contents stored on the server.) _______________________________________________ dev-security mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security
