Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Payment service XSS vulnerability discovered

BitDefender UK : 07 September, 2015  (Technical Article)
Bitdefender details its latest discover, this time of a stored XSS vulnerability which could affect payment service users
Payment service XSS vulnerability discovered

Researchers from Bitdefender have located a stored XSS vulnerability in PayPal that leaves the e-payment service open for hackers to upload maliciously crafted files, capable of performing attacks on registered users of the service.

Bitdefender has revealed that the vulnerability can be used to deliver harmful files or content that enable a wide range of attacks on users to take place.

PayPal’s issue lies in the way it processes and encrypts URLs that transport uploaded files. Bitdefender’s proof-of-concept uses an HTML-formatted XML file, which is transferred to the ‘Create an Invoice' section.

By tampering with the URL that pulls upload files from PayPal’s servers, Bitdefender was able to force the execution of a malicious payload on PayPal’s server.

Catalin Cosoi, Chief Security Strategist at Bitdefender said: “The huge reach that cyber attackers had access to through this vulnerability was a worrying development for a service that prides itself on security. Bitdefender is pleased to have located the flaw and shared it with PayPal, safeguarding the future transactions of its users.”

Bitdefender states that the stored XSS attack only works in Firefox and, although it has not been reported in the wild, it could have allowed hackers to manipulate PayPal. However, since being advised by Bitdefender about the XSS vulnerability, PayPal reports that it has issued a fix rendering any attacks exploiting the issue as ineffective.

Creating Bitdefender’s proof of concept

After making an XML file that was then uploaded to PayPal’s server, Bitdefender researchers were able to modify the file’s link and perform changes to it which produced an error.

Once the full path to the stored XSS was noted, a second file was then uploaded with a pre-determined file name and divided into blocks of 16.

Because each block could be changed to affect the block that followed, when some bytes were changed, the output looked very different. Bitdefender was then able to gain a response from PayPal that resulted in a link that could be used for further attacks.

Other attacks could allow for a “reflected file download,” which can create PayPal output files that resemble “~test.bat”. By downloading and executing these files, attackers could trick users into installing malware or other types of threats

Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo