Full Disclosure mailing list archives
Re: pacsec hype security advisory: seven words of warning about Flash player nine.
From: "Dave \"No, not that one\" Korn" <davek_throwaway () hotmail com>
Date: Wed, 11 Oct 2006 14:52:12 +0100
Dragos Ruiu wrote:
> "The new Flash player adds network functions!"

Hey, I can do it in three words! Flash. Must. Die.

> and thus there are many ways to bypass the only-connect-back-upstream and port < 1024 limitations on the SWF applet Socket() class. A

Limiting ports to less than 1024 hasn't been any kind of security measure since.. I dunno, forever really. Since there were more than two machines connected to the internet. How can anyone in the 21st century think that this is meaningful?

> The potential for network misuse possible in Flash just went up several orders of magnitude, and as the Adobe site triumphantly proclaims it's apparently in use at 97.3% of networked computers. I'll avoid some of the more exotic scenarios, lest they give anyone some bad ideas -

Distributed port scanning from a malicious webserver that gives every client a slightly modified .swf with a different range of IP addresses to scan?

Seriously, thanks for the warning. Once more, feeping creatureitis wins out over sanity and security. Oh well.

cheers,
DaveK
--
Can't think of a witty .sigline today....
Current thread:
- pacsec hype security advisory: seven words of warning about Flash player nine. Dragos Ruiu (Oct 10)
- Re: pacsec hype security advisory: seven words of warning about Flash player nine. Dave "No, not that one" Korn (Oct 11)