[9386] in bugtraq
Re: open socket in java
daemon@ATHENA.MIT.EDU (Lincoln Stein)
Fri Feb 5 14:51:08 1999
Date: Fri, 5 Feb 1999 09:09:25 -0500
Reply-To: lstein@cshl.org
From: Lincoln Stein <lstein@CSHL.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <36BA0E14.52996BE3@jenik.com>
Aviram Jenik writes:
> nino wrote:
>
> > The implications are obvious. If any host can connect to the machine
> > running the aplet, you could tell java to do things like the boserver.
> > If
> > you have a completely open socket, its rock n' roll !
> >
>
> No, it's not.
>
> Yes, you can connect to the open socket, but the applet can't do any I/O, so
> it's basically harmless (just like any other applet).
The main issue, I think, is information leakage between the Web site
that uses the applet and the applet's author. Consider this scenario:
a Bad Guy puts out a compiled applet in the public domain that seems
to do something innocent like chart business graphics. Some company
then picks up this applet and uses it to display its confidential
business plan to authorized hosts in branch offices. Unbenknownst to
the company or the branch office, the applet has actually opened a
listen socket, has accepted a connection from the applet's original
author, and is currently transmitting the confidential information to
an untrusted host!
Lincoln
--
========================================================================
Lincoln D. Stein Cold Spring Harbor Laboratory
lstein@cshl.org Cold Spring Harbor, NY
========================================================================
