Slashdot Mirror

← Back to Stories (view on slashdot.org)

Major Flaw Found In Security Products

Posted by kdawson on from the deploy-the-captchas dept.

ancientribe writes "A stealthy and potentially dangerous bug has been discovered in security products from eight different vendors, including Check Point Software, according to an article in Dark Reading. The so-called cross-site request forgery (CSRF) lets an attacker access the user's network and even conduct transactions on behalf of the user. It could affect over a million installations, but so far, Check Point is the only security vendor to step up and patch it. This vulnerability is found in most everything with a Web-based interface, including printers, firewalls, DSL routers, and IP phones." An article on the vulnerability from last fall quotes Jeremiah Grossman, CTO of WhiteHat Security, who calls CSRF "the sleeping giant" vulnerability: "It's not seen as a vulnerability because it works like the Web works."

5 of 153 comments (clear)

  1. Hope they used EEPROM by jshriverWVU · · Score: 2, Insightful
    routers, IP phones, etc

    because it sucks when there's a bug in hardware unless it's possible to do a firmware upgrade to fix or work around it.

  2. Can someone explain this for me...? by mikecardii · · Score: 3, Insightful

    I'm not completely retarded at computers, I just like reading comments on /. so I don't call attention to myself because for the most part I look like a complete dumbass. Yet this sentance makes no sense to me. "It's not seen as a vulnerability because it works like the Web works." What does this mean?

  3. The sky is falling? by Verteiron · · Score: 3, Insightful

    From TFA:
    In Check Point's case, CSRF was possible when a user was logged onto https://my.firewall/ at the same time he or she was connected to a malicious Website, according to the company's patch release information.

    This bad, sure, but hardly the internet-destroying calamity the article makes it sound like. When you're connected to the web interface of something critical, make sure you trust the other websites you're viewing at the same time. Am I missing something, or is this Calyptix company just trying to get its name on everyone's lips?

    --
    End of lesson. You may press the button.
  4. I Don't See It As a Sleeping Giant .... by Luscious868 · · Score: 2, Insightful

    All it takes is one malicious site to be open at the same time the Web interface is, and the attacker can gain access to your network, he says.

    So don't manage any device on your network via it's web interface while browsing web sites you don't trust on the Internet. Problem solved. In this day and age you should be careful about opening links to non-trusted sites no matter what.

    If you absolutely must do both at the same time, use one browser for the web and another to manage the device. If you're on Windows and you've got a brain then you've already installed a second browser to avoid the headache that is IE when possible anyway.

  5. Re:What the ... ? by morgan_greywolf · · Score: 2, Insightful

    I've said from the first day I learned what a 'cookie' was that using cookies alone for authentication is a very bad idea. Here is the real fix: don't use cookies alone for authentication. Your idea of using a session token passed on the URL is one such idea. Can anyone think of others?

    --
    My blog