Bugtraq mailing list archives
Re: Design flaw in AS3 socket handling allows port probing
From: fukami <fukami () sektioneins de>
Date: Thu, 20 Dec 2007 23:53:01 +0100
Adobe released an article at their knowledge base regarding this issue.

# Socket connection timing can reveal information about network configuration
http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402956

The fix is to disable socket functionality for Flash Players version >= 9.0.115 by configuration.

Take care,
fukami

On 09.08.2007, at 20:21, fukami wrote:

Design flaw in AS3 socket handling allows port probing

# Summary

Due to a design flaw in ActionScript 3 socket handling, compiled Flash movies are able to scan for open TCP ports on any host reachable from the host running the SWF, bypassing the Flash Player Security Sandbox Model and without the need to rebind DNS.

[...]

# PoC
* http://scan.flashsec.org/

[...]

# CVE
* http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4324