|
 |
|
Internet Explorer Exposes Sensitive Information
|
|
|
|
|
Secunia Advisory:
|
SA8955
|
|
|
Release Date:
|
2003-06-06
|
|
Last Update:
|
2004-12-07
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Exposure of sensitive information
|
|
Where:
|
From remote
|
|
Solution Status:
|
Partial Fix
|
|
| Software: | Microsoft Internet Explorer 6.x
|
|
|
|
|
|
Description:
A vulnerability has been identified in Internet Explorer, which exposes sensitive information to "msn.com" and "alexa.com".
While this is a known "feature" when the "Show Related Links" option is activated in Internet Explorer, there is a bug, so that Internet Explorer will keep transmitting the information to "msn.com" and "alexa.com" after "Show Related Links" has been de-activated. This occurs whenever "Ctrl+R" is used to reload a page.
To make matters worse, it has been confirmed that this behaviour also affects SSL enabled pages. One thing is that Microsoft has chosen to make a "feature", which reveals this information to "msn.com" and "alexa.com", but the fact that information, which was supposed to be protected by SSL and sent only to one site, is sent in plain text to a third party ("msn.com" and "alexa.com") is of great concern.
The data transmitted to "msn.com" and "alexa.com" is the complete URL. In some cases this could contain sensitive information such as username, password, session id, search string, "secret paths", and more.
The vulnerability has been confirmed for Internet Explorer 6 on Windows 2000 and Windows XP with all Service Packs and hotfixes.
It is Microsoft that controls who else than "msn.com" should receive this information. Microsoft could at any time choose to send this information to another party than "alexa.com".
Solution:
The vulnerability has been fixed in Windows XP SP2.
Filter traffic at your perimeter to ensure that no data is sent to "msn.com" and "alexa.com".
Don't use the "Show Related Links" feature, or close the browser after every time it has been used.
See "Other References" for other alternative solutions.
Provided and/or discovered by:
Mike Shepherd
Changelog:
2003-06-09: Minor correction. Added link to alternative solutions.
2004-12-07: Added information about Windows XP SP2 in "Solution" section.
Other References:
http://www.imilly.com/alexa.htm#subvert
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
127 Related Secunia Security Advisories, displaying 10
|
|
|
1. Internet Explorer FTP Command Injection Vulnerability
|
|
2. Microsoft Internet Explorer Multiple Vulnerabilities
|
|
3. Internet Explorer Multiple Code Execution Vulnerabilities
|
|
4. Microsoft Web Proxy Auto-Discovery Feature Security Issue
|
|
5. Internet Explorer Data Stream Handling Vulnerability
|
|
6. Internet Explorer Unspecified Address Bar Spoofing Vulnerability
|
|
7. Internet Explorer "OnKeyDown" Event Focus Weakness
|
|
8. Microsoft Internet Explorer FTP Credentials Exposure
|
|
9. Microsoft Internet Explorer Multiple Vulnerabilities
|
|
10. Microsoft Windows Vector Markup Language Buffer Overflow
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
