[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6905b1570702210703h2e3d14ferab9279d28fb75b97@mail.gmail.com>
Date: Wed, 21 Feb 2007 15:03:21 +0000
From: "pdp (architect)" <pdp.gnucitizen@...glemail.com>
To: "Yair Amit" <yairam_ng@...chfire.com>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: Overtaking Google Desktop
This is quite interesting although it is a concept that has been
developed on sla.ckers.org some time ago. I love the presentation...
brilliant.
On 2/21/07, Yair Amit <yairam_ng@...chfire.com> wrote:
> Hello,
>
> A new research from Watchfire has revealed a serious vulnerability in
> Google Desktop.
>
> The attack, which is fully presented in a new Watchfire research paper
> released today (available at
> http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf), can
> allow a malicious individual to achieve not only remote, persistent
> access to sensitive data, but in some cases full system control as well.
>
> Google Desktop is a popular freeware desktop search tool which offers
> powerful indexing abilities along with an easy to use interface.
> In many cases, Google Desktop manages highly sensitive information.
> Therefore, the impact of a security breach in it is far-reaching.
>
> Google Desktop contains several protection mechanisms to secure its
> indexed data against remote intruders.
>
> In this paper, we present a step-by-step attack flow that circumvents
> Google Desktop's protection mechanisms and allows a malicious attack to
> take place against Google Desktop users.
>
> The attack is composed of web-application security flaws found in Google
> Desktop along with exploitation of Google Desktop's tight integration
> with the Google.com website.
>
> The paper shows that it is possible to achieve a remote and persistent
> access to sensitive data on attacked systems.
> In addition, under certain conditions, it is also possible to covertly
> inject and execute malicious applications on attacked systems, using
> Google Desktop's own features.
>
> The full paper can be found in the following link:
> http://www.watchfire.com/resources/Overtaking-Google-Desktop.pdf
> A demonstration of the attack flow can be found at the same page or at
> the following link:
> http://download.watchfire.com/googledesktopdemo/index.htm
>
> Note:
> -----
> The Google Desktop security flaw was coordinated with the Google
> Security Team.
> Google has been responsive and recently issued a patch which mitigates
> the risk of the attack.
> We highly recommend all Google Desktop users to make sure they have an
> updated version installed on their system.
>
> This vulnerability was discovered by me with the cooperation of Danny
> Allan and Adi Sharabani.
>
> Best regards,
> Yair Amit
> Security Team
> Watchfire (Israel) Ltd.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
--
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists