A security researcher has reported what appears to be an embarrassing flaw on Amazon’s website that could put Kindle users at high risk.
Benjamin Daniel Mussler claims that the “Manage Your Content and Devices” and “Manage Your Kindle” services on Amazon’s web-based Kindle Library are vulnerable to a cross-site scripting (XSS) attack, which can be exploited by a boobytrapped eBook title.
When this boobytrapped eBook is added to the intended victim’s library, the code will be automatically executed when the Kindle Library webpage is opened.
According to Mussler this means that :
Well its unlikely to find an eBook with a maliciously-crafted title in the official Kindle eBook store, provided Amazon keeps its eyes open. Instead, the only real chance that you might fall victim to the vulnerability is if you pirate eBooks, downloading them from online web sources and use Amazon’s “Send to Kindle” service to have them accessible on your reader.
Mussler says he first reported the vulnerability to Amazon in November 2003, along with an example eBook that ran proof-of-concept eBook that grabbed cookies and sent them to him. Amazon’s technical team managed to fix the flaw within four days, nice!
But....
To Mussler’s shock, the very same vulnerability was introduced approximately two months ago, and currently remains unfixed. The researcher informed Amazon that the security hole has re-emerged, but received no response from the company.
For that reason, Mussler has decided to go public with his findings. Amazon needs to fix the security hole, even if it is only likely to be a risk for a small number of Kindle users, and fix it permanently.
In the meantime, Kindle users are advised to get their eBooks from official stores, just to be on the safe & secure!
Source
Benjamin Daniel Mussler claims that the “Manage Your Content and Devices” and “Manage Your Kindle” services on Amazon’s web-based Kindle Library are vulnerable to a cross-site scripting (XSS) attack, which can be exploited by a boobytrapped eBook title.
When this boobytrapped eBook is added to the intended victim’s library, the code will be automatically executed when the Kindle Library webpage is opened.
According to Mussler this means that :
“Amazon account cookies can be accessed by and transferred to the attacker and the victim’s Amazon account can be compromised”.
Well its unlikely to find an eBook with a maliciously-crafted title in the official Kindle eBook store, provided Amazon keeps its eyes open. Instead, the only real chance that you might fall victim to the vulnerability is if you pirate eBooks, downloading them from online web sources and use Amazon’s “Send to Kindle” service to have them accessible on your reader.
Mussler says he first reported the vulnerability to Amazon in November 2003, along with an example eBook that ran proof-of-concept eBook that grabbed cookies and sent them to him. Amazon’s technical team managed to fix the flaw within four days, nice!
But....
To Mussler’s shock, the very same vulnerability was introduced approximately two months ago, and currently remains unfixed. The researcher informed Amazon that the security hole has re-emerged, but received no response from the company.
For that reason, Mussler has decided to go public with his findings. Amazon needs to fix the security hole, even if it is only likely to be a risk for a small number of Kindle users, and fix it permanently.
In the meantime, Kindle users are advised to get their eBooks from official stores, just to be on the safe & secure!
Source
No comments:
Post a Comment