[NEWS] KaZaA Lunches Ads in the Wrong Security Zone

From: support@securiteam.com
Date: 01/08/03

Next message: support@securiteam.com: "[UNIX] Remote Format String Vulnerability in Tanne"

Previous message: support@securiteam.com: "[UNIX] Remote Root Vulnerability in HSphere WebShell"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: support@securiteam.com
To: list@securiteam.com
Date: 8 Jan 2003 10:34:54 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

Beyond Security would like to welcome Tiscali World Online
to our service provider team.
For more info on their service offering IP-Secure,
please visit http://www.worldonline.co.za/services/work_ip.asp
- - - - - - - - -

KaZaA Lunches Ads in the Wrong Security Zone
------------------------------------------------------------------------

SUMMARY

A security vulnerability in the KaZaA causes it to launch its ads in the
local zone. This would allow a potential attacker to execute scripts
embedded inside the ads with elevated privileges.

DETAILS

Vendor response:
KaZaA was contacted 6 Jan 03 via their bug report page.

Workaround:
To immunize KaZaA from this defect you should remove the permissions from
the directory it launches ads from. This has a nice side effect of not
showing ads. The directory to secure is: %WinDir%\AdCache

Alternatively, KaZaA Lite can be used since it doesn't have ads or spyware
<http://www.kazaalite.com/> http://www.kazaalite.com/.

ADDITIONAL INFORMATION

The information has been provided by <mailto:bugtraq@jonespg.net> David
Krum and <mailto:tony@777h.org> tony@777h.org.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Next message: support@securiteam.com: "[UNIX] Remote Format String Vulnerability in Tanne"
Previous message: support@securiteam.com: "[UNIX] Remote Root Vulnerability in HSphere WebShell"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: [Full-disclosure] Help!
... Security tab under IE Internet Options). ... cause Windows to toss up an "Internet
Explorer - Security Warning" ... I have investigated about ADS and performed scans
using popular scanners ... Execute an ADS: ... (Full-Disclosure)
Re: Do you use HOSTS file ?
... Thor Kottelin wrote in message ... > IS security is usually defined
as data availability, ... I have nothing against "normal ads". ... But I dont
want: tracking cookies for instance. ... (comp.security.misc)
Re: Do you use HOSTS file ?
... I was talking about the usual location. ... Thor: Even if it is not written,
you should understand it like that. ... It is security. ... I never asked those
companies to put ads on their sites and I am not ... (comp.security.misc)
Re: Question for the Group
... And how often do the stories in North Star ads happen? ... Well, I agree, some
"we're still there" message wouldn't hurt. ... And those who claim security are
doing better than VMS. ... (comp.os.vms)
Re: Active Directory
... ich suche ein Tool womit ich die ADS auslesen und auswerten kann. ...
> Hi THino, ... >> Gibt es Tools, mit denen ich einen Security Check der
ADS machen kann, wie ... (microsoft.public.de.security.netzwerk.sicherheit)