Android smartphones vulnerable to attack through viewed web pages

Posted: September 16, 2014 in Mobile Security


Major Android Bug is a Privacy Disaster

The vulnerability allows an attacker to intercept the current session cookies and gain complete control over the user’s session.

A new module has appeared in Metasploit (a set of penetration-testing tools popular among security researchers) that exploits a dangerous vulnerability in 75% of all smartphones based on the Android operating system. The flaw makes it possible to intercept the web pages the victim is viewing, The Register reports.

The vulnerability in question is CVE-2014-6041, which affects Android 4.2.1 and earlier versions. It was discovered on 1 September, according to researcher Tod Beardsley (a developer for the Metasploit security toolkit), who called the flaw a “privacy disaster”.

“What this means is any arbitrary website – say, one controlled by a spammer or a spy – can peek into the contents of any other web page,” Beardsley said.

It is worth noting that the breach also gives the attacker the ability to intercept the cookies of the current session and take full control over the user’s session – that is, to view and modify arbitrary data with the device owner’s privileges.

A more detailed description of the vulnerability can be found below.

Security Bypass in Google Android Browser

Danger level: Average
Fix available: No
Number of vulnerabilities: 1
CVSSv2 Rating: (AV:N/AC:M/Au:N/C:P/I:P/A:N/E:P/RL:U/RC:C) = Base: 5.8 / Temporal: 5.2
CVE ID: CVE-2014-6041

• Exploitation vector: Remote
• Impact: Security Bypass
• Exploit availability: PoC code

• Affected products: Google Android 4.2.x
• Affected versions: Google Android Browser for Android 4.2.1 and earlier versions

Description:

The vulnerability allows malicious people to bypass certain security restrictions.

The vulnerability is caused by an error when processing attributes. It can be exploited via a specially crafted attribute containing the character \u0000 to bypass the Same Origin Policy security restrictions and conduct follow-up attacks.

Solution: No fix for the vulnerability exists at this time.
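
With no fix available, a site operator can at least measure how many visitors arrive with a browser in the affected range. The sketch below is an added example, not code from the advisory or from Metasploit: it classifies the User-Agent field of access-log lines against the "Android 4.2.1 and earlier" bound stated above. The stock-browser heuristic, the function names and the sample log lines are assumptions constructed for illustration, and since the User-Agent header is client-supplied the counts are an estimate only.

```python
import re
from collections import Counter

# Upper bound from the advisory: "Android 4.2.1 and earlier versions".
LAST_AFFECTED = (4, 2, 1)
ANDROID_RE = re.compile(r"Android (\d+)(?:\.(\d+))?(?:\.(\d+))?")
UA_FIELD_RE = re.compile(r'"([^"]*)"\s*$')  # last quoted field of a combined-format line
OTHER_BROWSERS = ("Chrome/", "Firefox/", "OPR/", "Opera")

def android_version(ua):
    """Android version in a User-Agent as a 3-tuple (missing parts are 0), or None."""
    m = ANDROID_RE.search(ua)
    return tuple(int(g or 0) for g in m.groups()) if m else None

def is_stock_browser(ua):
    """Assumed heuristic: Android WebKit UA with a 'Version/' token and no other brand."""
    if "Android" not in ua or "AppleWebKit/" not in ua or "Version/" not in ua:
        return False
    return not any(token in ua for token in OTHER_BROWSERS)

def classify(ua):
    """Return 'affected', 'not-affected' or 'unknown' for one User-Agent string."""
    if not is_stock_browser(ua):
        return "not-affected"
    version = android_version(ua)
    if version is None:
        return "unknown"  # stock-browser shape, but no parseable Android version
    return "affected" if version <= LAST_AFFECTED else "not-affected"

def scan_log(lines):
    """Count classifications over access-log lines; lines with no quoted UA are skipped."""
    counts = Counter()
    for line in lines:
        m = UA_FIELD_RE.search(line)
        if m:
            counts[classify(m.group(1))] += 1
    return counts

# Constructed sample User-Agents and log lines (documentation IP, invented requests).
SAMPLE_UAS = [
    "Mozilla/5.0 (Linux; U; Android 4.2.1; en-us; Nexus 4 Build/JOP40D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30",
    "Mozilla/5.0 (Linux; U; Android 2.3.6; en-us; GT-S5830 Build/GINGERBREAD) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1",
    "Mozilla/5.0 (Linux; Android 4.2.1; Nexus 4 Build/JOP40D) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.117 Mobile Safari/537.36",
    "Mozilla/5.0 (Linux; U; Android 4.4.2; en-us; Example Build/X) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30",
]
SAMPLE_LOG = ['203.0.113.5 - - [16/Sep/2014:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "%s"' % ua
              for ua in SAMPLE_UAS] + ["malformed line without a user agent"]

if __name__ == "__main__":
    print(dict(scan_log(SAMPLE_LOG)))
```

The version bound comes only from the advisory text above; change `LAST_AFFECTED` if a later advisory states a different range.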

