SecurityTracker.com

Category:  Application (Security)  >  nProtect Netizen
Vendors:  INCA Internet Co.
nProtect Netizen Lets Remote Users Download Arbitrary Files to the Target System
SecurityTracker Alert ID:  1013812
SecurityTracker URL:  http://securitytracker.com/id?1013812
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Apr 26 2005
Impact:  Modification of system information, Modification of user information, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Advisory:  Secure Net Service (LAC)
Version(s): 2005.3.17.1
Description:  A vulnerability was reported in nProtect Netizen. A remote user may be able to download arbitrary files to the target system.

A remote user can create specially crafted HTML that, when loaded by the target user, will cause an arbitrary file to be downloaded to an arbitrary location on the target user's system.

The original advisory is available at:

http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html


Keigo Yamazaki discovered this vulnerability. SecureNet Service reported this vulnerability.

Impact:  A remote user can cause arbitrary files to be downloaded to arbitrary locations on the target system.
Solution:  The vendor has issued a fixed version, available via the automatic update feature.
Vendor URL:  eng.nprotect.com/nprotect_netizen.htm
Cause:  Access control error, Authentication error
Underlying OS:  Windows (Any)
Reported By:  snsadv@lac.co.jp (snsadv)
Message History:   None.


 Source Message Contents

Date:  Mon, 25 Apr 2005 16:51:14 +0900
From:  snsadv@lac.co.jp (snsadv)
Subject:  [infosec-discuss] [SNS Advisory No.80] nProtect:Netizen Arbitrary

 


------------------------------------------------------------------
SNS Advisory No.80
nProtect:Netizen Arbitrary File Download Vulnerability

Problem first discovered on: Wed, 13 Apr 2005
Published on: Mon, 25 Apr 2005
------------------------------------------------------------------

Severity Level:
---------------
  Medium


Overview:
---------
  A vulnerability in nProtect:Netizen could result in the download of
  arbitrary code into a path which an attacker specifies on the
  vulnerable system.


Problem Description:
--------------------
  nProtect:Netizen is an ActiveX control which is designed for protecting
  users from viruses, unauthorised access, phishing, etc.

  nProtect:Netizen tries to check for an updated module when it is
  launched. If nProtect:Netizen finds an updated module, the program
  tries to download it.

  A malicious website administrator can induce a user to view a
  specially crafted web site which could download an arbitrary file
  into the path that the attacker specified.


Tested Versions:
----------------
  nProtect:Netizen Ver.2005.3.17.1


Solution:
---------
  Update to the fixed version of nProtect:Netizen, available by
  connecting to the web site where this product is used and pushing
  the start button for it.


Discovered by:
--------------
  Keigo Yamazaki


Thanks to:
----------
  This SNS Advisory is being published in coordination with Information-technology 
  Promotion Agency, Japan (IPA) and JPCERT/CC. 

  http://jvn.jp/jp/JVN%23AF02FB4B/index.html
  http://www.ipa.go.jp/security/vuln/documents/2005/JVN_AF02FB4B_nProtect.html


Disclaimer:
-----------
  The information contained in this advisory may be revised without prior
  notice and is provided as it is. Users shall take their own risk when
  taking any actions following reading this advisory. LAC Co., Ltd.
  shall take no responsibility for any problems, loss or damage caused
  by, or by the use of information provided here.

  This advisory can be found at the following URL:
  http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/80_e.html


 


Copyright 2005, SecurityGlobal.net LLC