Home > Uncategorized > Security News #0x54

Security News #0x54

Exploits
  • G.S. McNamara has found an interesting problem in Ruby. Session cookies used for authentication are stored on the server but not deleted upon logout. Thus an attacker who gains access to the cookie could still use it to authenticate. Threatpost has some perspective.
  • Last week we mentioned the Metasploit module for MS13-071. Juan Vazquez explains some of the technical details behind the attack on the Metasploit blog.
Learning More
  • I came across the following piece which shows how to patch .NET code with CFF Explorer. I don’t have much experience with CFF Explorer; in fact until I read this piece, I had not heard about it. After reading these pages though, it is clear that I want to set aside some time to look at it in more detail….
  • When teaching programming, we emphasize to students how important it is to be aware of the data types that are being used. Consider the following C code
    uint64_t mul(uint16_t a, uint16_t b)
    {
         uint32_t c = a * b;
         return c;
    }
    

    Did you know that the output of this function will vary, depending on the precise flags used when the code is compiled (in gcc)? Take a look at this blog post of Xi Wang for the story.

Industry News
  • If you haven’t read the piece from Brian Krebs that describes how attackers have gained access to a number of different brokers of personally identifiable information, well, I’ll wait. Go read it!
  • The Chaos Computer Club announced that they can break the biometric security TouchID on new Apple devices. The piece at Ars Techica provides valuable context.
Advertisements
Categories: Uncategorized
  1. September 30, 2013 at 4:43 pm

    Thank you for covering my recent Rails session security vulnerability discovery. The issue is that everything is stored client side, so there’s no real central way to delete all possible sessions for an existing user. As I see it, if an authenticated cookie gets into the wrong hands at any point (whether you trust preventative measures such as SSL, etc.), the user is really in trouble.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: