Lexa Software: Security-Alerts@yandex-team.ru archive

		Apache-Talk @lexa.ru
		Inet-Admins @info.east.ru
		Filmscanners @halftone.co.uk
		Security-alerts @yandex-team.ru
		nginx-ru @sysoev.ru

СТАТЬИ

ПЕРСОНАЛЬНОЕ

ПРОГРАММЫ

ПИШИТЕ
ПИСЬМА

АРХИВ :: Security-alerts

Security-Alerts mailing list archive (security-alerts@yandex-team.ru)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[security-alerts] FW: Overtaking Google Desktop

To: <security-alerts@xxxxxxxxxxxxxx>
Subject: [security-alerts] FW: Overtaking Google Desktop
From: "Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>
Date: Mon, 26 Feb 2007 12:52:01 +0300
Content-class: urn:content-classes:message
List-archive: <http://www.lexa.ru/security-alerts/> (Web Archive)
List-id: <security-alerts.yandex-team.ru>
List-subscribe: <mailto:majordomo@yandex-team.ru?body=subscribe%20security-alerts>
List-unsubscribe: <mailto:majordomo@yandex-team.ru?body=unsubscribe%20security-alerts>
Thread-index: AcdVwY0L+MyVfq+rS16S1xTzzyyWywDyhERw
Thread-topic: Overtaking Google Desktop

> -----Original Message-----
> From: Yair Amit [mailto:yairam_ng@xxxxxxxxxxxxx] 
> Sent: Wednesday, February 21, 2007 5:07 PM
> To: vulnwatch@xxxxxxxxxxxxx
> Subject: [VulnWatch] Overtaking Google Desktop
> 
> Hello,
> 
> A new research from Watchfire has revealed a serious vulnerability in
> Google Desktop.
> 
> The attack, which is fully presented in a new Watchfire research paper
> released today (available at
> http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf), can
> allow a malicious individual to achieve not only remote, persistent
> access to sensitive data, but in some cases full system 
> control as well.
> 
> Google Desktop is a popular freeware desktop search tool which offers
> powerful indexing abilities along with an easy to use interface.
> In many cases, Google Desktop manages highly sensitive information.
> Therefore, the impact of a security breach in it is far-reaching.
> 
> Google Desktop contains several protection mechanisms to secure its
> indexed data against remote intruders.
> 
> In this paper, we present a step-by-step attack flow that circumvents
> Google Desktop's protection mechanisms and allows a malicious 
> attack to
> take place against Google Desktop users.
> 
> The attack is composed of web-application security flaws 
> found in Google
> Desktop along with exploitation of Google Desktop's tight integration
> with the Google.com website.
> 
> The paper shows that it is possible to achieve a remote and persistent
> access to sensitive data on attacked systems.
> In addition, under certain conditions, it is also possible to covertly
> inject and execute malicious applications on attacked systems, using
> Google Desktop's own features. 
> 
> The full paper can be found in the following link:
> http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf
> A demonstration of the attack flow can be found at the same page or at
> the following link:
> http://download.watchfire.com/googledesktopdemo/index.htm
> 
> Note:
> -----
> The Google Desktop security flaw was coordinated with the Google
> Security Team. 
> Google has been responsive and recently issued a patch which mitigates
> the risk of the attack.
> We highly recommend all Google Desktop users to make sure they have an
> updated version installed on their system.
> 
> This vulnerability was discovered by me with the cooperation of Danny
> Allan and Adi Sharabani.
> 
> Best regards,
>             Yair Amit
>             Security Team
>             Watchfire (Israel) Ltd.
>

Prev by Date: [security-alerts] FW: [SA24246] Symantec Multiple Products SupportSoft ActiveX Controls Buffer Overflow
Next by Date: [security-alerts] FYI: Cisco Routers Vulnerable to Drive-by Pharming Attacks
Previous by thread: [security-alerts] FW: [SA24246] Symantec Multiple Products SupportSoft ActiveX Controls Buffer Overflow
Next by thread: [security-alerts] FYI: Cisco Routers Vulnerable to Drive-by Pharming Attacks
Index(es):
- Date
- Thread