[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Yet another Disturbing type of Exploit

Subject: Yet another Disturbing type of Exploit
From: Chris Bennett <..hidden..>
Date: Thu, 19 Apr 2007 11:44:10 -0500

http://www.ngssoftware.com/research/papers/InterProtocolExploitation.pdf

Summary: A way of exploiting web browsers located within the securityperimeter (i.e access to internal network)using something like javascript from an external web page to launcha buffer overflow attack on internal network.Seems like problems like this could have have serious implicationsagainst many applications that are badly written but thought safe sincenot exposed to Internet.Obviously LSMB would not be susceptible to buffer overflows, but everyday I see more and more seriously negative stuff about javascript.My understanding is that LSMB development is going to add a lot ofjavascript based web 2.0/ajax type stuff, which IS wonderful to use.Are there plans for the new interfaces to "degrade gracefully" withoutloss of function (some loss of convenience couldn't be avoided), if aperson found that javascript HAD to be turned off and kept off becauseof non-LSMB security issues?


Chris Bennett

Follow-Ups:
- Re: Yet another Disturbing type of Exploit
  - From: Christopher Murtagh
- Re: Yet another Disturbing type of Exploit
  - From: Chris Travers

Prev by Date: Re: Ledger SMB
Next by Date: Re: Ledger SMB
Previous by thread: Ledger SMB
Next by thread: Re: Yet another Disturbing type of Exploit
Index(es):
- Date
- Thread