Bugtraq mailing list archives
Privacy concerns in interMute
From: john () KUWAIT NET (John Temples)
Date: Fri, 16 Jul 1999 13:59:30 -0700
interMute (www.intermute.com) is a junk filter/privacy enhancer for web browsers. It runs as either a privileged Java applet within your browser, or as a standalone Java application. interMute operates as a proxy server listening on port 4444, and is meant to operate dedicated to a single user. It correctly rejects any service requests from IP addresses not on the local host. However, it has no mechanism to determine whether requests coming from the local host originated from the browsing user, or some other user. The interMute proxy has a "home page" from which the user can configure it and view filtering statistics for the current session. A local user on a UNIX host can connect to another user's interMute proxy, giving him full control over interMute. Thus various attacks and intrusions are possible: 1) The sites which were acted upon by interMute are listed in the "statistics" area, thus revealing part of the user's browsing history; 2) interMute can be configured to chain to another proxy, thus allowing all browsing activity to be redirected and logged without the user's knowledge; 3) interMute can be configured to load a home page which could contain hostile Java and/or JavaScript code; 4) Various denial of service attacks are possible by reconfiguring interMute's filters. I was unable to trick it into handling "file:" URLs or retrieving files off the disk, except for files in the interMute home directory. Reported to the vendor on July 9; no reply received. -- John W. Temples, III
Current thread:
- Re: L0pht 'Domino' Vulnerability is alive and well, (continued)
- Re: L0pht 'Domino' Vulnerability is alive and well Weld Pond (Jul 06)
- Re: L0pht 'Domino' Vulnerability is alive and well Pavel Ahafonau (Jul 07)
- Re: L0pht 'Domino' Vulnerability is alive and well mtremblay () BAHNSO COM (Jul 08)
- Re: L0pht 'Domino' Vulnerability is alive and well Ryan Thomas Tecco (Jul 09)
- Communicator 4.[56]x, JavaScript used to bypass cookie settings Peter W (Jul 09)
- (no subject) Anonymous (Jul 09)
- Re: your mail Darren Reed (Jul 12)
- Navigator cookie security Oliver Lineham (Jul 09)
- Re: Communicator 4.[56]x, JavaScript used to bypass cookie settings Claudio Telmon (Jul 13)
- Solaris 2.6/7 NTP permissions problem john_smith () RD QMS COM (Jul 14)
- Privacy concerns in interMute John Temples (Jul 16)
- Re: Solaris 2.6/7 NTP permissions problem Casper Dik (Jul 16)
- (no subject) sbr (Jul 14)
- joe 2.8 makes world-readable DEADJOE Trevor Johnson (Jul 17)
- Re: your mail hal (Jul 19)