List: webappsec
Subject: Paper: Socket Capable Browser Plugins Result In Transparent Proxy Abuse
From: robert () webappsec ! org
Date: 2009-03-10 17:04:50
Message-ID: 20090310170450.79632.qmail () cgisecurity ! net
Abstract
"Transparent proxies allow organizations to influence and monitor the traffic from
its users without their knowledge or participation. Transparent proxies act as
intermediaries between a user and end destination, and aren't generally apparent to
users sitting behind them. Enterprises, Hotels, and Internet Service Providers often
use transparent proxy products to lower bandwidth consumption, speed up page loads
for their users, and for monitoring and filtering of web surfing. When certain
transparent proxy architectures are in use an attacker can achieve a partial Same
Origin Policy Bypass resulting in access to any host reachable by the proxy via the
use of client plug-in technologies (such as Flash, Applets, etc) with socket
capabilities. This write up will describe this architecture, how it may be abused by
Flash, its existence in various network layouts, and mitigations."
Paper Link:
http://www.thesecuritypractice.com/the_security_practice/2009/03/socket-capable-browser-plugins-result-in-transparent-proxy-abuse.html
Regards,
- Robert