Monday, March 26, 2012
Linkedin Portal URL Redirection (Open Redirection) Vulnerability
After some time: this is an old problem, but it was only fixed now ...
=======================================================
Linkedin Portal URL Redirection (Open Redirection) Vulnerability
=======================================================
1. OVERVIEW
A security flaw on the main LinkedIn portal: www.linkedin.com
2. SITE SERVICE DESCRIPTION
LinkedIn is the world’s largest professional network with over 120 million members and growing rapidly. LinkedIn connects you to your trusted contacts and helps you exchange knowledge, ideas, and opportunities with a broader network of professionals.
More Information: http://learn.linkedin.com/what-is-linkedin/
3. VULNERABILITY DESCRIPTION
A security flaw on the main LinkedIn portal, www.linkedin.com, through the "redirect" file with the "url" parameter. This parameter is not validated by the application, resulting in an open redirect flaw: it accepts any URL and forwards the user to it.
4. PROOF-OF-CONCEPT/EXPLOIT
+ Open Redirect (OWASP Top 10 2010 / A10 - Unvalidated Redirects and Forwards)
http://www.linkedin.com/redirect?url=www.google.com.br&urlhash=OpenRedirect
http://www.linkedin.com/redir/redirect?url=www.google.com%2F&urlhash=asasdad
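As an added example (not LinkedIn's code and not part of the original advisory), the following Python contrasts a redirect handler that trusts the "url" parameter, as the advisory describes, with one that only forwards to same-site targets; the site host, the fallback path and the sample inputs (the decoded "url" values from the proof-of-concept above plus a few common bypass shapes) are assumptions.

```python
# Added example (not LinkedIn's code): how an unvalidated "url" parameter
# becomes an open redirect, and a validator that only permits same-site
# targets. SITE_HOST, FALLBACK and the sample inputs are assumptions.
from urllib.parse import urlsplit, urlunsplit

SITE_HOST = "www.linkedin.com"          # assumed host of the redirecting site
FALLBACK = "/"                          # where rejected targets are sent


def vulnerable_redirect(url_param: str) -> str:
    """Mirrors the flaw in the advisory: the "url" value is used as the
    redirect target without any check (bare hosts just get a scheme)."""
    if "://" not in url_param:          # e.g. "www.google.com.br"
        url_param = "http://" + url_param
    return url_param


def validated_redirect(url_param: str) -> str:
    """Return url_param only if it stays on SITE_HOST, else FALLBACK.

    Rejects absolute URLs to other hosts, bare host names, scheme-relative
    "//host" links, backslash variants, userinfo tricks ("site@evil") and
    non-http schemes such as javascript:."""
    candidate = url_param.strip().replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme and parts.scheme not in ("http", "https"):
        return FALLBACK                 # javascript:, data:, odd "host:port"
    if parts.netloc:
        # absolute or scheme-relative URL: the host must match exactly
        # (hostname strips userinfo and port, and is lower-cased)
        if (parts.hostname or "").lower() != SITE_HOST:
            return FALLBACK
        return urlunsplit(("https", SITE_HOST, parts.path or "/", parts.query, ""))
    # no host part: accept only an in-site path starting with a single "/"
    if not candidate.startswith("/") or candidate.startswith("//"):
        return FALLBACK                 # bare names like "www.google.com.br"
    return candidate


if __name__ == "__main__":
    for value in ("www.google.com.br", "www.google.com/", "/jobs?q=security"):
        print(f"{value!r:24} -> {validated_redirect(value)}")
```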
5. IMPACT
This flaw can be used by a malicious user to send phishing messages to LinkedIn customers, abusing the users' trust in the LinkedIn portal to trick them. The user can be forwarded to a LinkedIn clone site that steals credentials, to a malicious site hosting malware, and more.
6. VENDOR
www.linkedin.com - http://www.linkedin.com
7. CREDIT
This vulnerability was discovered by:
Emanuel dos Reis Rodrigues
emanueldosreis at gmail.com
twitter: emanueldosreis
8. DISCLOSURE TIME-LINE
01-28-2012: Vulnerability discovered
01-29-2012: Vendor contacted by e-mail through customer support (support@linkedin.com, linkedin_support@cs.linkedin.com)
02-04-2012: Vendor answered, creating ticket 120129-000734
02-04-2012: Vulnerability Reported
03-26-2012: Vulnerability Corrected
03-26-2012: Public Disclosure
9. REFERENCES
Top 10 2010-A10-Unvalidated Redirects and Forwards