lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <165EA4DFAAC8415F91F3C2B7A1AB810C@minhbqPC>
Date: Thu, 5 Feb 2009 15:15:45 +0700
From: "SVRT-Bkis" <svrt@...v.com.vn>
To: <full-disclosure@...ts.grok.org.uk>, <Bugtraq@...urityfocus.com>
Subject: [SVRT-02-09] FeedDemon (ver<=2.7) Buffer Overflow Vulnerability

Title :  FeedDemon Buffer OverFlow Vulnerability

1. General Information

FeedDemon is known as the most popular Windows RSS Reader which allows users 
to view and manage easily RSS feeds from their desktop. In January 2009, 
SVRT-BKIS detected a buffer overflow vulnerability in this software. Taking 
advantage of this flaw, hackers can perform remote attacks, install viruses, 
steal private information, and even take control of users' systems. We have 
sent the alert to the manufacturer.

Details                            :   http://security.bkis.vn/?p=329
SVRT Advisory              :   SVRT-02-09
Initial vendor notification  :   01-21-2009
Release Date                  :    02-05-2009
Update Date                   :   02-05-2009
Discovered by                :    Le Nhat Minh (SVRT-Bkis)
Security Rating                :   Critical
Impact                            :   Remote Code Execution
Affected Software           :   FeedDemon (version <= 2.7)


2. Technical Description

The vulnerability was found in the processing of OPML (Outline Processor 
Markup Language) file, which is an XML format for outlines used by RSS 
reader to store and manage RSS feeds. With OPML, users can easily share 
their RSS feed lists with others or export these lists to use in other RSS 
feed readers. However, FeedDemon does not handle this format well enough, 
which leads to buffer overflow flaw.

More precisely, the error occurs when users import an OPML file, whose 
"outline" tag has a too long "text" attribute. FeedDemon, on parsing this 
file, will crash; and if malicious code is embedded into that file, it will 
be executed and give hackers system control.

Exploitation can be carried out via a file stored on victims' computers or 
simply a link to such file. It is this factor that increases the threat of 
users' computers being attack remotely.

Taking advantage of the above vulnerability, a hacker might prepare a 
malicious OPML file, and somehow trick users into importing it. He/she might 
send the file to users directly or send them a link to that file instead. 
Right after users have imported the file, malicious code will be executed 
and they will become hacker's victims.

3. Solution

Rating this vulnerability high severity, and due to the fact that the 
manufacturer hasn't released any official patch for it. Bkis recommends that 
users of FeedDemon should be careful when importing RSS feed lists from 
untrustworthy sources.

------------------------------------------------------------------------------------------------------------------------
About SVRT-Bkis : SVRT, which is short for Security Vulnerability Research 
Team, is one of Bkis researching groups. SVRT specializes in the detection, 
alert and announcement of security vulnerabilities in software, operating 
systems, network protocols and embedded systems.

About Bkis : Bkis is Vietnamese leading Center in researching, deploying 
network security software and solutions. 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ