Flaw in Android Browser Allows Same Origin Policy Bypass

  • 16 September 2014
  • 5 replies
  • 576 views

by Dennis Fisher September 15, 2014
 
There’s a serious vulnerability in pre-4.4 versions of Android that allows an attacker to read the contents of other tabs in a browser when a user visits a page the attacker controls. The flaw is present in a huge percentage of the Android devices in use right now, and there’s now a Metasploit module available to exploit the vulnerability. The vulnerability was first disclosed in late August, but there has not been much in the way of public discussion of it. Exploiting the flaw is a straightforward matter and allows the attacker to bypass the same-origin policy in the Android browser. “By malforming a javascript: URL handler with a prepended null byte, the AOSP, or Android Open Source Platform (AOSP) Browser, fails to enforce the Same-Origin Policy (SOP) browser security control,” Tod Beardsley of Rapid7 said in an explanation of the flaw.
 
Full Article
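The null-byte trick quoted above, as an added illustration that is not code from the Android browser, Rapid7 or the article: it assumes the failing check was a literal prefix comparison on the frame URL, and contrasts it with a check that discards control characters before reading the scheme. The helper names and sample URLs are constructed for the demonstration.

```javascript
// Added example (not the browser's or the article's code). Assumption: the
// vulnerable path compared the raw URL string against the "javascript:"
// prefix, so a URL with a leading NUL byte slipped past as non-script.
// Runs under Node.js.

// Naive check: String.prototype.trim() removes whitespace but not NUL, so
// "\u0000javascript:..." does not start with the literal prefix.
function naiveIsScriptUrl(url) {
  return url.trim().toLowerCase().startsWith("javascript:");
}

// Hardened check: drop C0 control characters (NUL included), DEL and
// whitespace, which lenient URL parsers ignore, then read the scheme.
function normalizeScheme(url) {
  const cleaned = url.replace(/[\u0000-\u001F\u007F\s]/g, "");
  const m = /^([a-z][a-z0-9+.-]*):/i.exec(cleaned);
  return m ? m[1].toLowerCase() : null;
}

function hardenedIsScriptUrl(url) {
  return normalizeScheme(url) === "javascript";
}

// Audit helper (hypothetical name): given candidate frame URLs, e.g. pulled
// from a page or a proxy log, return those the naive check lets through
// but that still resolve to the javascript: scheme after normalization.
function findMissedScriptUrls(urls) {
  return urls.filter((u) => !naiveIsScriptUrl(u) && hardenedIsScriptUrl(u));
}

// Constructed sample inputs: one ordinary URL, one plain javascript: URL,
// and three NUL-containing variants.
const SAMPLE_URLS = [
  "https://example.com/inbox",
  "javascript:void(0)",
  "\u0000javascript:void(0)",
  "\u0000JavaScript:void(0)",
  "java\u0000script:void(0)",
];
```

Running `findMissedScriptUrls(SAMPLE_URLS)` returns only the three NUL variants, which is exactly the set the naive check would have treated as ordinary content.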

5 replies

It would seem to me the developer of a given Android should focus heavily on security features to protect the consumer. If these vulnerabilities are being discovered, the developer is not doing his job.
by Paul Ducklin on September 16, 2014
 
 
Independent security researcher Rafay Baloch has written about a security bug in the Android Browser app that allows one website to steal data from another.
The guys over at Metasploit are calling it a "Privacy Disaster," and promising to take the time to create a video that is "sufficiently shocking" in order to show you why.
So, what went wrong, and what should you do?
 
Full Article
By Sara Peters / Posted on 9/16/2014
 
An exploit of an unsupported Android browser bypasses the ever-important Same Origin Policy.
A vulnerability in the Android Open Source Platform (AOSP) is a "privacy disaster" that affects about 75 percent of the overall "Android ecosystem" and about 100 percent of the low-end prepaid phones, according to researchers at Rapid7's Metasploit research team.
The vulnerability -- CVE-2014-6041, disclosed by Rafay Baloch -- bypasses the AOSP browser's Same Origin Policy. Yesterday, Tod Beardsley, technical lead for the Metasploit framework, wrote:
What this [vulnerability] means is, any arbitrary website (say, one controlled by a spammer or a spy) can peek into the contents of any other web page. Imagine you went to an attacker's site while you had your webmail open in another window -- the attacker could scrape your e-mail data and see what your browser sees. Worse, he could snag a copy of your session cookie and hijack your session completely, and read and write webmail on your behalf.
 
DarkReading / full article here: http://www.darkreading.com/browser-vulnerability-privacy-disaster-for-3-of-4-android-users-/d/d-id/1315792?
by Dennis Fisher, October 2, 2014, 10:49 am

There is another same-origin policy bypass vulnerability in the Android browser in versions prior to 4.4 that allows an attacker to steal data from a user’s browser. Google has fixed the vulnerability in some versions of Android, but millions of users of older versions are still affected. The vulnerability lies in the way that the Android function that’s responsible for loading frame URLs handles JavaScript. Security researcher Rafay Baloch discovered the vulnerability and developed a proof-of-concept exploit that allows him to steal data from a user’s browser. Baloch said the vulnerability has been fixed for some time in Google Chrome, but had still existed in the Android browser until he disclosed it to Google late last month.
 
Full Article
Posted on 07 October 2014. A security researcher has recently discovered not just one but two vulnerabilities in the Android Open Source Project (AOSP) browser that could allow attackers to bypass the software's Same-Origin Policy (SOP) security control and get their hands on users' confidential data and session cookies.

Up until the latest version of Android (v4.4, i.e. KitKat), the browser came installed by default. In KitKat, it has been replaced with Chrome, and the flaw has been fixed.

According to the numbers provided by mobile security firm Lookout, around 45 percent of their users have a vulnerable version of the AOSP browser installed.

Full Article
