Socket Capable Browser Plug-ins Result In Transparent Proxy Abuse

For over a year in my spare time I've been working on an abuse case against transparent proxies at my employer, and have just released my latest paper, "Socket Capable Browser Plugins Result In Transparent Proxy Abuse". When certain transparent proxy architectures are in use, an attacker can achieve a partial Same Origin Policy bypass, resulting in access to any host reachable by the proxy, via the use of client plug-in technologies (such as Flash) with socket capabilities. As I outline in the paper, I suspect there may be a difference of opinion as to whose responsibility it is to fix the issue, but the bottom line is that with certain transparent proxy products and network layouts you're safe, and with others you're not.

The best part of this experience wasn't the bug itself, but the great conversations that I've had with many people in the industry. Comments welcome!

Download: http://www.thesecuritypractice.com/the_security_practice/2009/03/socket-capable-browser-plugins-result-in-transparent-proxy-abuse.html
Cert Advisory VU #435052: http://www.kb.cert.org/vuls/id/435052



cool stuff robert