Insecurities in Privoxy Configurations - Details
Roger Dingledine
arma at mit.edu
Fri Nov 30 20:23:28 UTC 2007

On Thu, Nov 29, 2007 at 12:13:08PM -0600, Gregory Fleischer (Lists) wrote:
> 1) If the 'enable-remote-http-toggle' option is set, any client side
> technology that can generate HTTP headers can bypass Privoxy
> content filtering by adding a header of: "X-Filter: No".
>
> 2) If the 'enable-remote-toggle' option is set, then any web browser
> vulnerabilities that can spoof HTTP Referer headers can be used to
> completely disable Privoxy filtering.
>
> 3) If the 'enable-edit-actions' option is set, then any web browser
> vulnerability that can spoof HTTP Referer headers and determine the
> modification time of the 'user.action' file can modify the Privoxy
> configuration.

Thanks Greg.

Two further comments:

1) Those of us who use polipo should pay attention too, and make sure
to put

    disableLocalInterface=true

in our polipo config file. Otherwise a remote attacker can reconfigure
our polipo out from underneath us, examine our cache to see where we've
been browsing, etc.

For more suggested polipo config options, check out
https://tor-svn.freehaven.net/svn/incognito/trunk/root_overlay/etc/polipo/config

2) For a truly stunning array of browser-based attacks that can allow
this sort of attack (lest you think that you're safe because you're
running an up-to-date browser), check out "Protecting Browsers from DNS
Rebinding Attacks" by some good folks at Stanford:
http://crypto.stanford.edu/dns/

--Roger
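
Added example (not part of the original messages, and not code from the Privoxy or polipo projects): a Python check that reports the state of the three Privoxy options and the polipo setting discussed above. The option names come from the messages; the sample configs are constructed, and accepting only "true" for polipo and ignoring backslash-escaped '#' characters are simplifying assumptions.

```python
import re

# Privoxy options named in the quoted advisory; "1" switches each one on.
PRIVOXY_OPTS = ("enable-remote-http-toggle", "enable-remote-toggle",
                "enable-edit-actions")

def audit_privoxy(text):
    """Map each option to 'enabled', 'disabled' or 'unset' (version default applies)."""
    state = dict.fromkeys(PRIVOXY_OPTS, "unset")
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split()      # strip comments, then tokenize
        if len(parts) >= 2 and parts[0].lower() in state:
            # Anything other than an explicit 0 is reported as enabled (conservative).
            state[parts[0].lower()] = "disabled" if parts[1] == "0" else "enabled"
    return state

def polipo_local_interface_disabled(text):
    """True only if the last uncommented disableLocalInterface line says true."""
    value = None
    for line in text.splitlines():
        m = re.match(r"\s*disableLocalInterface\s*=\s*(\S+)", line.split("#", 1)[0])
        if m:
            value = m.group(1).lower()
    return value == "true"

# Constructed sample configs, for illustration only.
PRIVOXY_SAMPLE = """\
listen-address 127.0.0.1:8118
enable-remote-toggle 1
enable-remote-http-toggle 0   # already off
#enable-edit-actions 1
"""
POLIPO_SAMPLE = """\
proxyAddress = 127.0.0.1
# disableLocalInterface=true
"""

if __name__ == "__main__":
    for opt, status in audit_privoxy(PRIVOXY_SAMPLE).items():
        print(f"privoxy {opt}: {status}")
    ok = polipo_local_interface_disabled(POLIPO_SAMPLE)
    print("polipo disableLocalInterface:", "true" if ok else "NOT set to true")
```

An option reported as "unset" falls back to whatever default the installed Privoxy version uses, so it still needs checking against that version's documentation.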