Bugtraq mailing list archives
Re: CommonName Toolbar potentially exposes LAN web addresses
From: Andrew Clover <and () doxdesk com>
Date: Fri, 4 Oct 2002 15:35:04 +0000
Eric Stevens <mightye () mightye org> wrote:
Due to a bug in the URL validation done in CommonName Toolbar (in at least dll version 3.5.2.0 on IE 6), addresses from local intranets may be exposed to the CommonName organization.
During my tests this also occurred on all TLDs not belonging to a built-in list in the DLL. This includes for example .edu and .mil along with the more obscure .gb and .su, and any domains from alternative root DNS providers. A more serious issue was that any URLs used in these TLDs got corrupted on the journey to and back from CommonName's servers, making it impossible for users of the CommonName software to access pages whose URLs are more than 72 characters long in any of these domains. However, I don't believe this is due to an overflow at the client end; I know of no similar security issue with this software. CommonName Ltd. assure me these problems have been fixed in version 3.6.0.0 of the software, available from commonname.com now. Indeed I don't see any of these problems any more. However, I am somewhat concerned to see the new version includes a Winsock2 Layered Service Provider (a type of component which various spyware applications have used before, often causing disastrous network problems), and registers an ActiveX control under the classid 000000000000-0000-0000-0000-00000000, which doesn't seem like a good idea either.
even the sneakiest spyware will be unable to install itself on your system, unless it chooses random locations and file names.
Unfortunately quite a few of these parasites install themselves in %WinDir%\System32 or %WinDir%\Downloaded Program Files, which are not so easy to protect! -- Andrew Clover mailto:and () doxdesk com http://and.doxdesk.com/
Current thread:
- RE: CommonName Toolbar potentially exposes LAN web addresses Eric Stevens (Oct 03)
- <Possible follow-ups>
- CommonName Toolbar potentially exposes LAN web addresses Eric Stevens (Oct 03)
- RE: CommonName Toolbar potentially exposes LAN web addresses Mustafa Deeb (Oct 03)
- Re: CommonName Toolbar potentially exposes LAN web addresses Andrew Clover (Oct 07)
- RE: CommonName Toolbar potentially exposes LAN web addresses Anders Blockmar (Oct 07)