Dismiss this notice
ExpressVPN Valentines 2021 Giveaway - https://www.geeks.fyi/showthread.php?tid=14246

Dismiss this notice
Internet Download Manager Giveaway - https://www.geeks.fyi/showthread.php?tid=14245

Thread Rating:
  • 1 Vote(s) - 5 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Amazon Kindle RCE Attack Starts with an Email
#1
Information 
Quote:Three vulnerabilities in the Amazon Kindle e-reader would have allowed a remote attacker to execute code and run it as root – paving the way for siphoning money from unsuspecting users.
 
Yogev Bar-On, researcher at Realmode Labs, found that it was possible to email malicious e-books to the devices via the “Send to Kindle” feature to start a chain of attack – a discovery that earned him $18,000 from the Amazon bug-bounty program.
 
“The first vulnerability allowed an attacker to send an e-book to the victim’s Kindle device,” he explained in a Thursday posting. “Then, the second vulnerability was used to run arbitrary code while the e-book is parsed, under the context of a weak user. The third vulnerability allows the attacker to escalate privileges and run code as root.”
 
To make the attack work (which the researcher calls KindleDrip), an attacker would first need to know the email address assigned to the victim’s device. There’s also a predefined list of approved emails that any e-books would need to be sent from. According to Bar-On, neither requirement is much of a hurdle.
 
The special destination email address assigned by Amazon is typically just the user’s regular email under the kindle.com domain (e.g. name@gmail.com becomes name@kindle.com), which “can be brute forced,” he explained.
 
And as for the list of approved addresses, spoofing can easily get around this. “Email authentication is still not as widespread as you may think,” he wrote. “Since many email servers still don’t support authentication, it is not unreasonable to assume that Amazon will not verify the authenticity of the sender.” And indeed, he was able to spoof an email message to send an e-book to his own device.

Read more: https://threatpost.com/amazon-kindle-att...il/163282/
[-] The following 1 user Likes silversurfer's post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username:


Password:





[-]
Recent Posts
Microsoft starts force installing Window...
Microsoft is rampi...silversurfer — 20:10
Microsoft: Windows 10 'Known Issue Rollb...
Microsoft has shar...silversurfer — 20:07
AMD RDNA Mining GPUs Could Be on the Hor...
A counter to Nv...harlan4096 — 18:35
GFYI [Official] Internet Download Manag...
"Share feedback...kubik67 — 15:35
Microsoft Edge 89 Stable is out
Microsoft relea...harlan4096 — 14:51

[-]
Birthdays
Today's Birthdays
avatar (38)slavrProck
avatar (40)Tyesharaike
avatar (44)TomeRerla
Upcoming Birthdays
avatar (39)gapedDow
avatar (33)snorydar
avatar (38)Hectorvot
avatar (46)knowhanPluts
avatar (34)Williamengiz
avatar (41)qaqapeti
avatar (39)battsourIonix
avatar (38)CedricSek
avatar (34)chasRex
avatar (46)tersfargum
avatar (45)alfreExept
avatar (40)walllMIZ
avatar (36)oconyho
avatar (28)uteluxix
avatar (42)piafcflene
avatar (34)Matthewkah
avatar (33)Charlesfibre
avatar (37)napasvem
avatar (39)diploJeoca
avatar (33)francisnj3
avatar (38)artmaGoork
avatar (40)tukraNax
avatar (44)Eddiemek
avatar (36)RichardCisee
avatar (35)ebenofit
avatar (33)ykazawu

[-]
Online Staff
There are no staff members currently online.

>