| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 19 May 2015 14:29:27 -0700 From: Tim <strazz@...il.com> To: ValdikSS <iam@...dikss.org.ru> Cc: fulldisclosure@...lists.org Subject: Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability Thanks for posting this to FD, these didn't even include it in their release notes; http://developer.xamarin.com/releases/android/xamarin.android_5/xamarin.android_5.1/ Was there a bug reported in bugzilla to link back too? -Tim Strazzere On Tue, May 19, 2015 at 6:49 AM, ValdikSS <iam@...dikss.org.ru> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Xamarin for Android prior to version 5.1 allows to replace internal DLL > files inside the APK with files on SD card which are not in a secure > storage. > Malicious application without any special permissions could drop > backdoored DLL files into > > /storage/sdcard0/Android/data/app_id/files/.__override__/ > > and the victim application would use files from SD. > Not just the main application library could be hijacked, but also > Xamarin's System.dll and Mono.Android.dll, which are shipped in all Xamarin > for Android > applications. > > Developers should rebuild their applications using Xamarin for Android 5.1 > or newer in the release mode. > > This vulnerability was found by accident, which allowed me to eat for free > for a month. > > Timeline: > 03.04.2015 Vulnerability is found > 07.04.2015 Message sent to Xamarin > 08.04.2015 Xamarin acknowledged the vulnerability > 29.04.2015 Fixed stable version released > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > Comment: https://keybase.io/valdikss > > iQIcBAEBCAAGBQJVWz98AAoJEFzXIC7viPdyP3wP/3Vxrc0hHZATTfkCVq688sJa > /NI2Z7cdRf3cpHSLCciWbtcNK82uE6qmHisFwUQGA5xvljhrkAXLPa2xG3wShmXq > G5ID3WexMWgTfLqYwOi/4fq1jpfeEg5vpDFAhj0JuWAvZg1zOwFBQ7UdT6G/eu1C > +Dgmk1qpvLcPkKOrh2i4xwqkDfqNfADfK7ekjeqMZe70tC95eHLeRWzVEmi+hCC3 > zLwnuprHOEQ/CGeKiQJzePExARFyIfS/kuV+YPdw14gmEOwKAfFymuaxYqULqaxS > H6RdUJp2SZT5cf0RSlA7zqPhX8fqnkiBiCpd8BstoANl+dFvnggVks6PWovBm8aW > huYqscwDZ0pGG8kV5lPO/9fE2P/1nm9B1h9tOcycD8gpM7inbDy6WoETwO0KZOlx > qsetTdYt4PA5V6Wn6wks4R9iPZy7bFlqzrGWLWFY9FYV7a0cZoDi7eY8bNhxFj/T > g3M1ruIIRVxriyFjcfmq2nWw0rMFhiaDdb/GuQEmtN8b2CQRQmiBrvP1uC2zkOhW > ijdYsN7SMjvLTch3n6TU3ycibB0uEp03Jgm2+wRzZj5VQXUHR7BFzhh74UeeAriT > K7EialPddQzxPFS0ufTGQ1JFfjJP3bgZFLDwbJVt/WLwsgQpLmXcTjHub56lr87y > xQmqbzDDykOJ92uZEJ4X > =vW6d > -----END PGP SIGNATURE----- > > > _______________________________________________ > Sent through the Full Disclosure mailing list > https://nmap.org/mailman/listinfo/fulldisclosure > Web Archives & RSS: http://seclists.org/fulldisclosure/ > _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists