RSS Worries – Black Hat Asks What If?



David Utter
Staff Writer
2006-08-03

RSS feeds provide a site publisher with the mechanism to quickly deliver content to an opt-in audience; if the feed can be compromised, an attacker can send exploit code to every subscriber.

It's a scenario that would even give the legendary Bruce Nordstrom pause: hundreds of RSS feed subscribers, returning, new, and would-be customers, hit by a malicious exploit through the RSS content delivered by the company. Plenty of angry and confused people calling on the phone, trying to find out why their computers have just become expensive paperweights.

InternetNews reported on a couple of ways this could happen. SPI Dynamics Security Engineer Robert Auger presented the awful truth during a session at Black Hat in Las Vegas.

Auger described two scenarios where crackers could exploit RSS. One would be through placing an attack in a feed the attacker already controls, a scenario that Auger considers unlikely. We see the potential for abuse here though. A site could pose as a benevolent resource targeted at an audience, only to unleash an attack after attracting a given number of subscribers.

The more likely scenario in Auger's mind would be an injection attack into a vulnerable feed. On a popular blog or website, that could lead to numerous systems being hit in a very short time frame.

To make things worse, feed readers have an assortment of security concerns that Auger claimed need to be fixed. He cited web-based readers as being "particularly vulnerable to a variety of attacks including SQL Injection, command execution and denial of service." Auger named Bloglines as one that is especially susceptible to injection attacks.
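The injection risk described above comes down to a reader rendering feed content as if it were trusted. The following is an added example, not code from the article or from Auger's talk: a minimal RSS 2.0 item parser that treats every field as untrusted input, drops script and style elements along with their contents, keeps only an allow-list of HTML tags and attributes, and rejects link URLs that are not http(s). The feed text, the allow-lists, and the function names are constructed for illustration.

```python
"""Treat RSS item content as untrusted input before a web reader renders it."""
import html
import xml.etree.ElementTree as ET
from html.parser import HTMLParser

# Constructed allow-lists: tags a reader may keep from an item's description.
ALLOWED_TAGS = {"p", "br", "b", "i", "em", "strong", "a", "ul", "ol", "li",
                "blockquote", "code", "pre"}
ALLOWED_ATTRS = {"a": {"href"}}          # per-tag attribute allow-list
SAFE_URL_SCHEMES = ("http://", "https://")


class FeedHTMLSanitizer(HTMLParser):
    """Rebuilds markup, keeping only allow-listed tags and attributes."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []
        self._skip_depth = 0   # >0 while inside <script>/<style>, whose text is discarded

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip_depth += 1
            return
        if tag not in ALLOWED_TAGS:
            return             # drop the tag itself; its text content is still kept
        kept = []
        for name, value in attrs:
            if name not in ALLOWED_ATTRS.get(tag, set()) or value is None:
                continue       # drops on* handlers, style, class, etc.
            if name == "href" and not value.strip().lower().startswith(SAFE_URL_SCHEMES):
                continue       # rejects javascript:, data:, vbscript: and relative URLs
            kept.append(f' {name}="{html.escape(value, quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_endtag(self, tag):
        if tag in ("script", "style"):
            self._skip_depth = max(0, self._skip_depth - 1)
            return
        if tag in ALLOWED_TAGS and tag != "br":
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if self._skip_depth == 0:
            self.out.append(html.escape(data, quote=False))

    def result(self):
        return "".join(self.out)


def sanitize_html(fragment):
    """Return an allow-listed, re-escaped copy of an HTML fragment."""
    parser = FeedHTMLSanitizer()
    parser.feed(fragment)
    parser.close()
    return parser.result()


def parse_feed(xml_text):
    """Parse RSS 2.0 items into dicts whose fields are safe to embed in a page.

    For feeds fetched from the network, parse with defusedxml instead of the
    stdlib parser to avoid entity-expansion denial of service.
    """
    root = ET.fromstring(xml_text)
    items = []
    for item in root.iter("item"):
        link = item.findtext("link", default="").strip()
        items.append({
            "title": html.escape(item.findtext("title", default="")),
            "link": link if link.lower().startswith(SAFE_URL_SCHEMES) else "",
            "description": sanitize_html(item.findtext("description", default="")),
        })
    return items


# Constructed sample feed: one benign item and one carrying injected markup.
SAMPLE_FEED = """<?xml version="1.0"?>
<rss version="2.0"><channel><title>Constructed test feed</title>
<item>
  <title>Harmless post &amp; a note</title>
  <link>http://example.com/post/1</link>
  <description>&lt;p&gt;Hello &lt;b&gt;world&lt;/b&gt;&lt;/p&gt;</description>
</item>
<item>
  <title>Injected item</title>
  <link>javascript:alert(1)</link>
  <description>&lt;p onclick="alert(1)"&gt;Read &lt;a href="javascript:alert(1)"&gt;this&lt;/a&gt;&lt;/p&gt;&lt;script&gt;alert(1)&lt;/script&gt;&lt;img src=x onerror=alert(1)&gt;</description>
</item>
</channel></rss>"""

if __name__ == "__main__":
    for entry in parse_feed(SAMPLE_FEED):
        print(entry)
```

Running the block prints the second item with an empty link and the description reduced to `<p>Read <a>this</a></p>`: the event handler, the `javascript:` URL, the script element and the image tag are all gone, while the visible text survives. The same allow-list approach applies to any field a reader echoes into HTML, and it is independent of the separate input handling needed on the reader's database and shell boundaries that Auger's SQL injection and command execution findings point at.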

On the desktop, local reader software could be the gateway to the file system and an attached network. Auger's list of vulnerable local readers includes SharpReader and products from other vendors who have not been named yet.

As beneficial interest in RSS grows, so will malevolent interest. It happens in all things, a part of human nature. RSS looks like a technology that can be secured as it matures, and as commercial interest in it increases there will be plenty of motivation for vendors to make it so.

About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
