Post Reply 
New flaws could allow hackers to read hard drive data via browsers.
Feb. 20, 2007, 02:47 PM
Post: #1
New flaws could allow hackers to read hard drive data via browsers.
New flaws could allow hackers to read hard drive data via popular browsers.




A security researcher has uncovered a vulnerability that could allow hackers to read stored files on a victim's hard drive.

Michal Zalewski posted details of the flaws on security mailing list Bugtraq which could steal people's data via a malicious website. The flaw was discovered to affect both IE and Firefox.

"Unfortunately, there are some problems that allow user's keyboard input in unrelated locations to be selectively, transparently redirected to these input fields, and hence affect file selection to attacker's liking," said Zalewski in his posting.

He said that even though some browsers try to prevent file field hiding, it can be easily stowed off-screen at negative window coordinates.

"Once all letters necessary to reconstruct a target filename were entered by the victim as a part of a larger, unrelated body of text, the script can automatically submit the entire form, including victim's sensitive files," he said.

He said that the flaw operates in both browsers through slightly different means, but admitted that the flaws need a significant amount of user interaction to be effective.

"Any website where the user can be reasonably expected to enter some text (a keyboard-controlled web game, a blog posting or commenting interface, a web chat, or a captcha) can attempt to exploit the vulnerability, and eventually succeed with one user or another," said Zalewski.

Another flaw in Firefox could allow hackers to change a user's cookie which in turn could affect how another website is displayed.

Microsoft said in a statement that its investigations revealed that an attacker could gain access to user files if the location of a given file is already known.

"In order to be successful, an attacker in advance would have to convince the user to enter the location of a file into an attacker's webpage through social engineering," a company spokesperson said. "Upon completion of this investigation, Microsoft will take appropriate action to help protect our customers."
Add Thank You Quote this message in a reply
Mar. 07, 2007, 08:52 AM
Post: #2
RE: New flaws could allow hackers to read hard drive data via browsers.
I suppose that applies to Windows only, not to Linux or Mac OS?
Would blocking the cookie_get process prevent the alteration of someone's cookies? Presumably the cookie must be fetched before it can be changed?
Add Thank You Quote this message in a reply
Mar. 07, 2007, 08:43 PM
Post: #3
RE: New flaws could allow hackers to read hard drive data via browsers.
elshaddai Wrote:He said that the flaw operates in both browsers through slightly different means, but admitted that the flaws need a significant amount of user interaction to be effective.

Microsoft said in a statement that its investigations revealed that an attacker could gain access to user files if the location of a given file is already known.

In order to be successful, an attacker in advance would have to convince the user to enter the location of a file into an attacker's webpage through social engineering.

suffice it to say, anybody with any degree of 'net paranoia is extremely safe from such an attack that requires so much user intervention...

besides, my 'puter does NOT have a "program files" directory, a "windows" or "winnt" directory, or even a "root c:\" directory...

"they" can guess all they want at trying to find my hard drive, lol...
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: