lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 25 Apr 2005 16:51:14 +0900
From: snsadv@....co.jp (snsadv)
To: bugtraq@...urityfocus.com
Subject: [SNS Advisory No.80] nProtect:Netizen Arbitrary File Download Vulnerability


------------------------------------------------------------------
SNS Advisory No.80
nProtect:Netizen Arbitrary File Download Vulnerability

Problem first discovered on: Wed, 13 Apr 2005
Published on: Mon, 25 Apr 2005
------------------------------------------------------------------

Severity Level:
---------------
  Medium


Overview:
---------
  A vulnerability in nProtect:Netizen could result in downloading an 
  arbitrary code into the path which an attacker specified on the 
  vulnerable system.


Problem Description:
--------------------
  nProtect:Netizen is an ActiveX control which designed for protecting
  users from virus, unauthorised access, phishing, etc.

  nProtect:Netizen tries to check update module when it's launched.
  If nProtect:Netizen could finds an updated module, the program
  would try to download it.

  A malicious website administrator can induce a user to view a
specially 
  crafted web site which could download an arbitrary file into the path 
  that the attacker specified.


Tested Versions:
----------------
  nProtect:Netizen Ver.2005.3.17.1


Solution:
---------
  Update to the fixed version of nProtect:Netizen available at:
  connectting with the web site where this product is used, and pushing 
  the start button for it.


Discovered by:
--------------
  Keigo Yamazaki


Thanks to:
----------
  This SNS Advisory is being published in coordination with Information-technology 
  Promotion Agency, Japan (IPA) and JPCERT/CC. 

  http://jvn.jp/jp/JVN%23AF02FB4B/index.html
  http://www.ipa.go.jp/security/vuln/documents/2005/JVN_AF02FB4B_nProtect.html


Disclaimer:
-----------
  The information contained in this advisory may be revised without prior
  notice and is provided as it is. Users shall take their own risk when
  taking any actions following reading this advisory. LAC Co., Ltd.
  shall take no responsibility for any problems, loss or damage caused
  by, or by the use of information provided here.

  This advisory can be found at the following URL:
  http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html




Powered by blists - more mailing lists