Checkmarx details steps to remediate new Cross-Site History Manipulation (XSHM) vulnerability and stop hackers from stealing identity to fraudulently access software applications
Tel Aviv, Israel (PRWEB) January 27, 2010 -- Checkmarx, the leading code analysis company, today announced that the Checkmarx Research Labs has identified a new, critical vulnerability in web browsers that would allow hackers to easily compromise web applications. Cross-Site History Manipulation (XSHM) is a newly discovered zero-day attack: attackers may have been using it for a long time, but the application and security communities are not aware of it. The exploit can be prevented by fixing the browser or by the web application developers.
To help major browsers or application developers stop the proliferation of this exploit, Checkmarx has published a guide to identify and remediate the vulnerability. It can be downloaded at http://www.checkmarx.com/CxDownloadRequest.aspx?id=6.
Further, partial code detection coverage was incorporated into the latest Checkmarx product release and anyone interested can scan an application subset.
The exploit works by taking advantage of the browsing history used in common browsers including Internet Explorer, Firefox, Google Chrome and more. The browsing history is a global list of pages that have been visited by a consumer. By manipulating the browser history it is possible to compromise a browser’s same origin policy (SOP) and violate user privacy. As a result, a hacker can gain full credentials when accessing any applications the users may have recently used—such as online banking or e-commerce. The attack holds similarities to the flaw that enabled the attack on Google Gmail in China as in exposed applications it allows compromising of user credentials and hence opens the door for broader attacks.
“Imagine if someone could access your whole browsing history—including passwords—and then go to your online bank account or favorite shopping site,” explained Maty Siman, Chexkmarx’s CTO. “This new exploit highlights that despite the large prevention efforts by platform providers, the browser still remains one of the key vehicles of choice to execute cyber crime.
To contain this new vulnerability, Checkmarx notified all major browsers including Internet Explorer, Firefox, Google Chrome, Safari and Opera.
Application developers can prevent this vulnerability with proper coding. “While web browsers must do everything they can to fix the problem, ,” explains Alex Roichman chief architect and head of the research lab. “Application developers don’t need to wait for browsers to build a patch or users to download an updated version. “To prevent this problem proactively, application developers should build a random token to block hackers from accessing the browser history for malicious purposes” explained Roichman.
About Checkmarx
Checkmarx is the leading provider for source code analysis. Founded in 2006, Checkmarx provides comprehensive solutions for automated security code review. Its technology is used by large corporations and small and medium-sized organizations across all industries. Checkmarx pioneered the concept of a query language-based solution for tracking technical and logical code vulnerabilities, and continues to bring new innovative solutions to market to fulfill its vision for a hacker free world. www.checkmarx.com.
Checkmarx Security Research labs is publishing regularly articles on new advances in application risk intelligence as well as newly detected vulnerabilities and prevention methods.
Lately, the lab discovered the ReDos attack (Regular Expression Denial of Service). http://www.checkmarx.com/NewsDetails.aspx?id=23&cat=3
It also presented a novel way to protect .NET assemblies against reverse-engineering and recompilation. http://www.checkmarx.com/NewsDetails.aspx?id=18&cat=3
(Source: http://www.prweb.com/releases/2010/01/prweb3527484.htm)
Go to the OWASP XSHM page; here
|