Bing.com WebmasterAuthenticationInformationPage.aspx XSS


Lostmon lords

Aug 13, 2009, 4:06:18 PM
to los...@googlegroups.com
###########################################
Bing.com WebmasterAuthenticationInformationPage.aspx XSS
vendor url: http://www.bing.com
advisory: http://lostmon.blogspot.com/2009/08/bingcom-webmasterauthenticationinformat.html
vendor notified: yes vendor confirmed: yes
###########################################

The Bing search engine contains a flaw that allows a remote cross-site
scripting attack. This flaw exists because the application does not
properly validate the 'authTag' variable upon submission to the
'WebmasterAuthenticationInformationPage.aspx' script. This could
allow a user to create a specially crafted URL that would execute
arbitrary code in a user's browser within the trust relationship
between the browser and the server, leading to a loss of integrity.


=> http://www.spymac.com/upload/2009/08/13/OyQTAItMeV.gif


An attacker can then compose a malformed link using the variable of
WebmasterAuthenticationInformationPage.aspx. Looking at the resulting
code, the value is written in two boxes and in 'LiveSearchSiteAuth.xml'.

A remote user can also compose a malformed link using the variable of
WebmasterXMLAuthDownloadPage.aspx; when LiveSearchSiteAuth.xml is
downloaded, the file contains the malicious code.


#########
solution:
##########

Vendor patch

#############
timeline:
#############

discovered: 18-jun-2009
vendor notified: 07-08-2009
vendor response: 07-08-2009
vendor patch response: 13-08-2009
disclosure: 13-08-2009


################ End #####################

Thanks to Microsoft Security Response Center (MSRC)
http://blogs.technet.com/msrc/
Thanks to estrella for being my light
Thanks to all who support me day after day !!!
--
Sincerely:
Lostmon (los...@gmail.com)
Web-Blog: http://lostmon.blogspot.com/
Google group: http://groups.google.com/group/lostmon (new)
--
Curiosity is what makes the mind move...
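
An added example, not part of the original advisory and not the vendor's code: one way to handle an 'authTag'-style parameter that is echoed into two HTML boxes and into a downloadable XML file, combining allowlist validation with encoding for each output context. The 32-hex-digit tag format, the HTML markup, the XML element names and all function names are assumptions made for illustration.

```python
import html
import re
import xml.etree.ElementTree as ET

# Assumption: a legitimate authTag is a 32-character hex token. The advisory
# does not state the real format; adjust the pattern to the real one.
AUTH_TAG_RE = re.compile(r"[0-9A-Fa-f]{32}")

# Constructed, harmless test input that tries to break out of an attribute.
PAYLOAD = '"><i>injected</i>'


def validate_auth_tag(value):
    """Return the normalised tag if it matches the allowlist, else None."""
    if isinstance(value, str) and AUTH_TAG_RE.fullmatch(value):
        return value.upper()
    return None


def render_html_boxes(value):
    """Encode the value for both boxes: attribute context and text context."""
    safe = html.escape(value, quote=True)  # escapes & < > " '
    return (f'<input readonly value="{safe}">\n'
            f'<textarea readonly>{safe}</textarea>')


def render_auth_xml(value):
    """Build the download through an XML API instead of string concatenation."""
    root = ET.Element("users")               # hypothetical file layout
    ET.SubElement(root, "user").text = value
    return ET.tostring(root, encoding="unicode")


def handle_request(auth_tag):
    """Hypothetical handler: reject off-allowlist input, encode the rest."""
    tag = validate_auth_tag(auth_tag)
    if tag is None:
        return 400, "invalid authTag", None
    return 200, render_html_boxes(tag), render_auth_xml(tag)


if __name__ == "__main__":
    print(handle_request(PAYLOAD))           # rejected by validation
    print(render_html_boxes(PAYLOAD))        # inert even without validation
    print(render_auth_xml(PAYLOAD))          # markup stays text in the XML
```

Validation and encoding are independent layers here: the renderers stay safe even if a caller skips `validate_auth_tag`.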
