Vulnerabilities Revealed in Yahoo, PayPal, Shopify and Magento Applications

Researchers have disclosed information about certain vulnerabilities in the mobile and web applications of the popular sites Yahoo, PayPal, Shopify and Magento. These could have led to phishing attacks, session hijacking and even account theft.


Vulnerability Lab researchers Ayoub Ait Elmokhtar, Benjamin Kunz Mejri, Ebrahim Hegazy and Hadji Samir discovered the bugs earlier this year, but have only now revealed them publicly.

The PayPal Vulnerabilities

Three separate issues have been found in PayPal’s security, specifically in its web applications. The most serious is a vulnerability in PayPal’s authentication check, whose purpose is to verify the legitimate account owner. The vulnerability could have allowed an attacker to bypass that verification process.

Even when 2-step verification is enabled on the application, where a user gets blocked after typing in wrong credentials, the account could still be accessed. Two weeks ago, Benjamin Mejri stated on the topic that a user can get into another user’s account via the mobile Application Programming Interface (API) just by replacing old, expired cookies with newer, working ones.

Alongside the possible 2-step authentication bypass, PayPal recently patched an open redirect web vulnerability, found by Ayoub Elmokhtar, which could have been exploited remotely. Also addressed was a stored cross-site scripting bug in the Online Service Web Application, which could have been exploited to purchase various goods or transfer funds. This particular discovery was made by Ayoub Elmokhtar.

The Yahoo Vulnerability

The researchers also disclosed an issue in Gemini, Yahoo’s site for advertisers. More specifically, there was a CSRF (Cross-Site Request Forgery) error, which could have allowed an attacker to inject malicious code to compromise the client-side application-to-browser requests and the session data.

The Shopify and Magento Vulnerabilities

Last but not least, the researchers have uncovered two different persistent file name vulnerabilities in two e-commerce platforms: Shopify and eBay’s Magento. Those vulnerabilities could have allowed an attacker to remotely inject their own malicious code into the service modules of the applications. Had that happened, it could have led to a series of problems for the two applications, such as session hijacking, persistent phishing attacks and persistent redirects to outside sources with malicious content, among other things.

The most recent vulnerability, found by researcher Hadji Samir, was in the Magento site’s module for bug reports. An attacker could have uploaded script payload code as a filename through a “post” request, causing the script to execute instead of a bug report being posted.
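The defence against a filename issue of the kind described above is to treat the client-supplied filename as untrusted input on the way in and on the way out. The following is an added example, not code from the original article or from the researchers' advisories; the function names, the allowlist pattern and the extension policy are assumptions chosen for illustration.

```python
import html
import os
import re
import uuid

# Assumed policy for a bug-report attachment form (hypothetical values).
ALLOWED_EXTENSIONS = {".png", ".jpg", ".txt", ".log"}
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._ -]{0,99}")


def accept_upload(client_filename):
    """Validate a client-supplied filename.

    Returns (storage_name, display_name), or None when the name is rejected.
    """
    # Allowlist: letters, digits, dot, underscore, space, hyphen only.
    # Markup characters and path separators never reach storage.
    if not SAFE_NAME.fullmatch(client_filename):
        return None
    ext = os.path.splitext(client_filename)[1].lower()
    if ext not in ALLOWED_EXTENSIONS:
        return None
    # The on-disk name is generated server-side, never taken from the client.
    storage_name = uuid.uuid4().hex + ext
    return storage_name, client_filename


def render_attachment(display_name):
    """Render a filename into HTML, escaping it even if it was validated."""
    return "<li>" + html.escape(display_name, quote=True) + "</li>"


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the advisories.
    samples = ["crash report.log", "<script>alert(1)</script>.png", "notes.php"]
    for name in samples:
        print(repr(name), "->", accept_upload(name))
    # Output encoding still neutralises a name stored before validation existed.
    print(render_attachment(samples[1]))
```

Validation on upload and escaping on render are independent layers: the second still protects pages that display filenames stored before the first was deployed.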

What do you make of all of this? Should the researchers have exposed the bugs sooner, or even immediately after they had discovered them? Do you still feel safe using the above-mentioned sites, even with those vulnerabilities being fixed?


Berta Bilbao

Berta is a dedicated malware researcher, dreaming of a more secure cyberspace. Her fascination with IT security began a few years ago, when a piece of malware locked her out of her own computer.
