Full Disclosure mailing list archives

Re: Owning Samsung Android devices


From: Jeffrey Walton <noloader () gmail com>
Date: Tue, 19 Mar 2013 19:07:35 -0400

[web page] ...
[web page] Two different vulnerabilities can be exploited
[web page] to silently install highly-privileged applications
[web page] with no user interaction. The privileged
[web page] applications to be installed can be embedded
[web page] right inside the unprivileged application package,
[web page] or downloaded "on the fly" from an on-line
[web page] market.
[web page] Another issue, different from the previous ones,
[web page] allows attackers to send SMS messages without
[web page] requiring any Android privilege (normally, Android
[web page] applications are required to have the
[web page] android.permission.SEND_SMS permission to
[web page] perform this task).

You might consider getting Android security involved since both appear
to have remediation at the platform level. For example, Google Play
may be able to do something about the first issue since it's a trusted
channel and should not be distributing hidden apps with malicious
intent; and a confused deputy might be in play with the second.

Android security can be reached through a well known email address,
and Android Security Discussions
(http://groups.google.com/group/android-security-discuss).

My apologies if the remediations are not available at the platform.
It's tough to discern when folks use Full Disclosure, Bugtraq, et al. to
generate traffic and press releases.

Jeff

On Tue, Mar 19, 2013 at 5:20 PM, Roberto Paleari <roberto () greyhats it> wrote:
Folks,

I recently found some security vulnerabilities affecting Samsung
Android phones. The bugs lie in Samsung-specific customizations and
not in the Android code base.

While waiting for Samsung security patches, I published an overview of
the issues here:
http://randomthoughts.greyhats.it/2013/03/owning-samsung-phones-for-fun-but-with.html

Possible consequences are quite interesting, as the vulnerabilities
allow an *unprivileged* application to perform several nefarious
tasks, ranging from sending SMS messages to installing APK packages,
but also including some denial-of-services and info leaks.

I hope I will be able to disclose the technical details soon.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

