Message-ID: <CAFENBwoEZoAsfONEv90TuUsX=SFO_cG4jQGQnCgM10a9T5PuBw@mail.gmail.com>
Date: Tue, 19 May 2015 14:38:32 -0700
From: Tim <strazz@...il.com>
To: ValdikSS <iam@...dikss.org.ru>
Cc: fulldisclosure@...lists.org
Subject: Re: [FD] Xamarin for Android <5.1 DLL Hijack Vulnerability
Isn't this the public bug tracker?
https://bugzilla.xamarin.com/describecomponents.cgi?product=Android
Though, correct, that case ID doesn't map to anything there.
-Tim Strazzere
On Tue, May 19, 2015 at 2:32 PM, ValdikSS <iam@...dikss.org.ru> wrote:
> They don't have a public bug tracker. Case ID is 140518.
>
> On 05/20/2015 12:29 AM, Tim wrote:
> > Thanks for posting this to FD, they didn't even include it in their
> > release notes:
> >
> > http://developer.xamarin.com/releases/android/xamarin.android_5/xamarin.android_5.1/
> >
> > Was there a bug reported in bugzilla to link back to?
> >
> > -Tim Strazzere
> >
> > On Tue, May 19, 2015 at 6:49 AM, ValdikSS <iam@...dikss.org.ru> wrote:
> >
> > > Xamarin for Android prior to version 5.1 allows internal DLL files inside
> > > the APK to be replaced with files on the SD card, which is not secure
> > > storage.
> > > A malicious application without any special permissions could drop
> > > backdoored DLL files into
> > >
> > > /storage/sdcard0/Android/data/app_id/files/.__override__/
> > >
> > > and the victim application would use the files from the SD card.
> > > Not just the main application library could be hijacked, but also
> > > Xamarin's System.dll and Mono.Android.dll, which are shipped in all
> > > Xamarin for Android applications.
> > >
> > > Developers should rebuild their applications using Xamarin for Android
> > > 5.1 or newer in release mode.
> > >
> > > This vulnerability was found by accident, which allowed me to eat for
> > > free for a month.
> > >
> > > Timeline:
> > > 03.04.2015 Vulnerability is found
> > > 07.04.2015 Message sent to Xamarin
> > > 08.04.2015 Xamarin acknowledged the vulnerability
> > > 29.04.2015 Fixed stable version released
>
_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
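A defensive check for the override directory named in the advisory, added here as an example for this thread (not code from ValdikSS, Tim, or Xamarin): it walks a shared-storage tree, reports any DLL sitting in an app's .__override__ directory, and flags names that shadow the core assemblies the advisory lists. The storage root, app ids and file contents in demo() are constructed for the demonstration.

```python
import os
import tempfile
from dataclasses import dataclass

OVERRIDE_DIR = ".__override__"
# Assemblies shipped in every Xamarin for Android application; a replacement
# here reaches all managed code, not only the app's own library.
CORE_ASSEMBLIES = {"system.dll", "mono.android.dll"}


@dataclass(frozen=True)
class OverrideFinding:
    app_id: str
    dll: str
    core: bool  # True when the name shadows a core Xamarin assembly


def find_override_dlls(storage_root):
    """Check <storage_root>/Android/data/<app_id>/files/.__override__/ for
    every app and report any DLL found there. storage_root stands for the
    shared storage mount (/storage/sdcard0 in the advisory) or a copy pulled
    from it. Any hit is a file a Xamarin app built before 5.1 would load."""
    findings = []
    data_dir = os.path.join(storage_root, "Android", "data")
    if not os.path.isdir(data_dir):
        return findings
    for app_id in sorted(os.listdir(data_dir)):
        override = os.path.join(data_dir, app_id, "files", OVERRIDE_DIR)
        if not os.path.isdir(override):
            continue
        for name in sorted(os.listdir(override)):
            path = os.path.join(override, name)
            if os.path.isfile(path) and name.lower().endswith(".dll"):
                findings.append(OverrideFinding(app_id, name, name.lower() in CORE_ASSEMBLIES))
    return findings


def demo():
    """Build a constructed storage tree (not from a real device) and scan it:
    com.example.clean has no override directory; com.example.victim has two
    DLLs dropped in, one of them shadowing Mono.Android.dll."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "Android", "data")
        os.makedirs(os.path.join(base, "com.example.clean", "files"))
        victim = os.path.join(base, "com.example.victim", "files", OVERRIDE_DIR)
        os.makedirs(victim)
        for name in ("Mono.Android.dll", "MyApp.dll", "notes.txt"):
            with open(os.path.join(victim, name), "wb") as f:
                f.write(b"constructed placeholder, not a real assembly")
        return find_override_dlls(root)
```

Run against a directory pulled from a device's shared storage, an empty result is the expected state; any hit is worth correlating with which app wrote it, since the advisory notes no special permission is needed to create it.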