  [Announcement]   Redirection Vulnerability in Yahoo! Advertising Service [SVRT-Bkis] 15/01/2009 00:43:05 (+0700) | #1 | 166497
LeVuHoang
HVA Friend
Joined: 08/03/2003 16:54:07
Messages: 1155
BKIS's blog happened to be having problems, so I'm just reading this new bug here. :)

General Information

On December 22, 2008, SVRT-BKIS found a vulnerability in Yahoo! Wap Service. This is the second vulnerability discovered by BKIS in a cell phone Web platform; the first one was found in Google Wap Proxy.

Taking advantage of this flaw, hackers can perform a redirection attack, which means they are able to send users to their malicious websites. We have notified Yahoo! of this vulnerability.


Details

SVRT Advisory: SVRT-01-09
CVE reference: none listed
Initial vendor notification: 12-23-2008
Release Date: 01-06-2009
Update Date: 01-06-2009
Discovered by: Dau Huy Ngoc - SVRT-Bkis
Attack Type: Redirection
Security Rating: High
Impact: Phishing
Affected Software: Ads image at http://m.yahoo.com


Technical Description

The flaw lies in the advertising section of Yahoo! Wap Service, which allows displaying advertisements when users visit Yahoo! Wap address http://m.yahoo.com.

[Figure: Yahoo! Wap main page with ads image]

More specifically, this advertising section includes a link with the following format and it is this link that contains the flaw.

http://us.ard.yahoo.com/SIG=17a4cd16v…=12etp7f3d/*[http://ads_image]


If users click directly on this link, their browsers will automatically redirect them to the address [http://anh_quang_cao] and everything on that site can be accessed, which makes it a Redirection vulnerability.

In order to exploit, hackers only need to change the address [http://ads_image] in the previous link to their website address and send the link to users. As this link uses the Yahoo! domain name, users easily think it is safe, and if the destination website contains malicious code or cheating content, hackers can steal users' sensitive information or even take control of their computers remotely.


Solution

Rating this vulnerability high severity, Bkis recommends that users:

- Be cautious with strange links, even links starting with domain names of well-known companies like Google, Yahoo!, and Microsoft…

- Do not access links starting with http://us.ard.yahoo.com.



Credits

Thanks to Dau Huy Ngoc for working together with us in the detection and alert process of this vulnerability.

SVRT-Bkis
 

Source: http://security.bkis.vn/?p=324
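As an added example (not code from the advisory, from BKIS or from Yahoo!), the following Python shows the check a click-tracking redirector of the form above should make before forwarding: the destination after the "/*" marker is accepted only when its host is on an allowlist, and the same check is run over log lines to flag links whose destination was swapped. The allowlist hosts, the sample log lines and the SIG value are assumptions constructed for illustration.

```python
"""Added example, not code from the BKIS advisory or from Yahoo!: a defensive
check for a click-tracking redirector whose destination follows "/*" in the
path, as in http://us.ard.yahoo.com/SIG=.../*http://ads_image . The allowlist
hosts and the sample log lines are constructed for illustration."""
from typing import List, Optional
from urllib.parse import urlsplit

# Assumed allowlist: hosts the ad redirector is permitted to send users to.
ALLOWED_DEST_HOSTS = {"ads.example.com", "cdn.example.com"}


def extract_destination(tracking_url: str) -> Optional[str]:
    """Return the redirect target embedded after the first '/*', or None."""
    marker = "/*"
    idx = tracking_url.find(marker)
    if idx == -1:
        return None
    return tracking_url[idx + len(marker):]


def is_safe_redirect(tracking_url: str) -> bool:
    """True only if the embedded destination is an absolute http(s) URL whose
    host exactly matches the allowlist (the fix the advisory implies: the
    redirector must not forward to arbitrary caller-chosen hosts)."""
    dest = extract_destination(tracking_url)
    if not dest:
        return False
    parts = urlsplit(dest)
    if parts.scheme not in ("http", "https"):
        return False  # rejects javascript:, data: and scheme-relative //host
    host = (parts.hostname or "").lower()
    # hostname strips userinfo, so http://ads.example.com@other.example -> other.example
    return host in ALLOWED_DEST_HOSTS


def flag_unlisted_redirects(log_lines: List[str]) -> List[str]:
    """Detection side: return every redirector URL found in web-log lines
    whose embedded destination is not on the allowlist."""
    flagged = []
    for line in log_lines:
        for token in line.split():
            if token.startswith(("http://", "https://")) and "/*" in token:
                if not is_safe_redirect(token):
                    flagged.append(token)
    return flagged


# Constructed sample log lines (not real traffic); the SIG value is a placeholder.
SAMPLE_LOG = [
    '10.0.0.5 - - [15/Jan/2009:00:43:05 +0700] "GET http://us.ard.yahoo.com/SIG=placeholder/*http://ads.example.com/banner.gif HTTP/1.1" 302',
    '10.0.0.7 - - [15/Jan/2009:00:44:10 +0700] "GET http://us.ard.yahoo.com/SIG=placeholder/*http://unlisted.example/login HTTP/1.1" 302',
]
```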
  [Question]   Re: Redirection Vulnerability in Yahoo! Advertising Service [SVRT-Bkis] 02/02/2009 00:18:33 (+0700) | #2 | 167821
louisnguyen27
Member
Joined: 12/08/2008 18:04:41
Messages: 321
Not only Yahoo Wap is affected; the ads in Yahoo's mailbox are affected too. I just happened to come across this in an ad on Yahoo Mail:

Sanitized suspicious request. Original URL [http://ad.yieldmanager.com/click?VaUDAA74BwAhtRoA5c4IAAEAcWUAAAoABwABCgIACgKSfgYAIZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ0JhUkAAAAA,
site-attribute requested from [http://ads.bluelithium.com/click,VaUDAA74BwAhtRoA5c4IAAEAcWUAAAoABwABCgIACgKSfgYAIZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ0JhUkAAAAA,
Sanitized URL: [http://ad.yieldmanager.com/click?VaUDAA74BwAhtRoA5c4IAAEAcWUAAAoABwABCgIACgKSfgYAIZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ0JhUkAAAAA 

Q+SBtZW1iZXIgb2YgSFZ+B
Back to Linux soon!!!
  [Question]   Re: Redirection Vulnerability in Yahoo! Advertising Service [SVRT-Bkis] 02/02/2009 00:22:44 (+0700) | #3 | 167825
louisnguyen27
Member
Joined: 12/08/2008 18:04:41
Messages: 321
I should add that I don't think it is as dangerous as the BKAV folks announced above. Still, these are risks that Yahoo needs to keep under control.
Q+SBtZW1iZXIgb2YgSFZ+B
Back to Linux soon!!!
  [Question]   Re: Redirection Vulnerability in Yahoo! Advertising Service [SVRT-Bkis] 06/02/2009 05:41:05 (+0700) | #4 | 168357
PXMMRF
Administrator

Joined: 26/09/2002 07:17:55
Messages: 946
This bug has now been fixed by Yahoo.

You can check it again yourselves:
http://m.yahoo.com/

But sometimes the user's OS itself is at fault (for example, infected with a rogue DNS Trojan such as "DNSChanger.gen" or "DNSChanger.f.gen.a"), and a similar phenomenon occurs. In that case we cannot conclude that the website we intended to access (for example, Microsoft Windows updates) is broken because it is infected with a malicious script; the fault lies in our own system.

In addition, the site http://security.bkis.vn/ is currently hosted on the bkis.vn webserver. This webserver has quite a few bugs, some of them serious, related to XSS, PHP.... The XSS bug is not only in the place an HVA member mentioned in the "Chit-chat" section, but elsewhere too. The BKIS folks need to fix this quickly.
The absence of disagreement is not harmony, it's apathy.
(Socrates)
Honest disagreement is often a good sign of progress.
(Mahatma Gandhi)