[WEB SECURITY] windows IE plugin update - threat

sammyciscoindia sammy sammyciscoindia at yahoo.com
Fri May 27 01:47:56 EDT 2005


Hello experts 

I have a doubt regarding the software updating mechanism of a piece of software (an IE plugin) that I was auditing recently.

This software has a /latest.cab located on a web server.

The DLL of the plugin creates a Windows registry entry which sets the CODEBASE value as www.url.com/download/latest.cab.

Whenever any user is connected to the net, it checks the MD5 checksum; if that has changed, the updates are taken care of.

TWIST:

From a security point of view, is that a flaw, or is it something that every vendor does in order to get updates?

From where I can see, code can be written to change this URL to www.hackerssite.com/malacious/dowhatever, and just because your system trusts the program that you have installed, it does what it wants.

I understand that it is a combination of a system and an application vulnerability, where the system is Windows and the application is the plugin that the user has installed.


Question:

Is there a better way to program this product/application to get its updates, or is it better left as it is?


Any thoughts are welcome ;-)

Regards 
Sammy 


		
---------------------------------
Do You Yahoo!?
 Yahoo! Small Business - Try our new Resources site!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20050526/b1eac76b/attachment.html>


More information about the websecurity mailing list