DNS rebinding explained

computer security dns-rebinding dns

A quick summary about how DNS rebinding attacks work. The main motivation for this post is to have a diagram to show when explaining DNS-rebinding attacks.

Read more…

DNS rebinding and CSRF vulnerabilites on Samsung TV DIAL implementation

computer security vulnerability dial dns-rebinding csrf advisory

I found a DNS rebinding vulnerability as well as a Cross Site Request Forgery (CSRF) vulnerability on the DIAL (Discovery And Launch) implementation of the Samsung TV UE40F6320 (v1.0), from 2011. This can be used to open any installed application (eg. Netflix and Youtube) and force the vizualisation of a given video in the applications.

Read more…

Page 1 of 2 | | Next page | JSON Feed | Atom Feed