Wednesday, September 26, 2007

Google: loads of new bugs

In services and products of Google on Monday, September, 24th, 2007, three vulnerabilities allowed the malefactor to execute an any code written in language JavaScript on behalf of a site and to steal requisites of registration record, kept in cookies have been found out, and in one case - to steal photos from online-storehouse. Vulnerability to between-sites scripting (CSS/XSS) have been found out in Google Groups, the search machine and Picasa.

Vulnerability in Google Groups to which at once there was a set of exploits, stealing requisites of access to GMail and sending contents of all mail box, has been eliminated. Exploites worked in four most known browsers: IE, Firefox, Opera and Konqueror. That vulnerability has worked, the victim should pass on specially generated URL, being in mail box GMail.

The second vulnerability of the same type is found out in search machines Google. Exploites, published in Mustlive blog, allowed to steal authentification cookies by means of specially generated URL, the leader on site ICANN and University of York.
The first has been eliminated ICANN, and the second while operates. Search in Google has shown, that approximately 200 thousand sites can be used for attack.

The third vulnerability allows to steal photos with Picasa, having enticed a victim on nocuous a web-page. Though in a basis lays between-sites scripting, for successful attack it is necessary a little making: use Flash, unreliability in URI proceeder and a fake of inquiries at data exchange between appendices. Vulnerability is not eliminated yet, however complexity of its operation will stop hackers for some time.

The previous large batch of bugs in Google has been found out in the end of May - the beginning of June. Then four vulnerabilities to between-sites scripting have existed for a week after detection.

No comments: