Communication Security: Web Based Services • Chapter 5 295
see how this situation could be dangerous. A good example of the potential effects
of ActiveX is the infamous Windows Exploder control. This was a neat little
ActiveX control written by Fred McLain (www.halcyon.com/mclain/ActiveX) that
demonstrates what he calls “dangerous” technology. His control only performs a
clean shutdown and power-off of the affected Windows system. This might not
seem so bad, but it was written that way to get the point across that the control
could be used to perform much more destructive acts. Programmers have to be
careful with ActiveX controls, and be sure that they know everything their control
is capable of before releasing it.
Another problem that arises as a result of a lack of programmer consideration is
the possibility that a control will be misused and at the same time take advantage of
the users’ privileges. Just because the administrator has a specific use in mind for a
control does not mean that someone else cannot find a different use for the
control. There are many people who are not trustworthy and will try to exploit
another’s creativity.
Another common cause of vulnerabilities in ActiveX controls is the release of
versions that have not been thoroughly tested and contain bugs. One specific bug
that is often encountered in programs is the buffer overflow bug. As we’ll discuss
more fully later in this chapter, buffer overflows occur when a string is copied into
a fixed-length array and the string is larger than the array. The result is a buffer
overflow and a potential application crash. With this type of error, the key is that
the results are unpredictable. The buffer overflow may print unwanted characters on
the screen, or it may kill the browser and in turn lock up the system. This problem
has plagued the UNIX/Linux world for years, and in recent years has become
more noticeable on the Windows platform. If you browse the top IT security
topics at Microsoft TechNet (www.microsoft.com/technet/security/current.asp),
you will notice numerous buffer overflow vulnerabilities. In fact, at times, one or
more issues involving this type of error were found monthly on the site. As
mentioned, this is not exclusively a Microsoft problem, but it affects almost every
vendor that writes code for the Windows platform.
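The copy described above, shown as an added example that is not from the book: an unchecked string copy into a fixed-length array beside a length-checked version that rejects oversized input. The struct, function names, the 16-byte buffer size and the input strings are all assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 16   /* size of the fixed-length array (assumed for the example) */

/* Hypothetical control state: the field after name[] is what an overrun would hit. */
struct control {
    char name[NAME_LEN];
    int  trusted;
};

/* Unsafe pattern: strcpy copies until the NUL and ignores the size of name[].
 * Shown for comparison only; it is never called in this example. */
void set_name_unsafe(struct control *c, const char *src) {
    strcpy(c->name, src);
}

/* Bytes (terminator included) that src would write past the end of name[]. */
size_t overrun_bytes(const char *src) {
    size_t need = strlen(src) + 1;
    return need > NAME_LEN ? need - NAME_LEN : 0;
}

/* Hardened form: reject input that does not fit and leave the state untouched.
 * Returns 0 on success, -1 if src is NULL or too long. */
int set_name_checked(struct control *c, const char *src) {
    if (src == NULL) return -1;
    const char *end = memchr(src, '\0', NAME_LEN);  /* look at no more than NAME_LEN bytes */
    if (end == NULL) return -1;                     /* no terminator within the buffer size */
    memcpy(c->name, src, (size_t)(end - src) + 1);  /* copy the string and its NUL */
    return 0;
}

int main(void) {
    struct control c = { "default", 0 };
    const char *ok  = "StatusPanel";                       /* constructed input, fits */
    const char *big = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";  /* constructed input, 32 chars */
    int r1 = set_name_checked(&c, ok);
    printf("fits:     overrun=%zu checked=%d name=%s\n", overrun_bytes(ok), r1, c.name);
    int r2 = set_name_checked(&c, big);
    printf("too long: overrun=%zu checked=%d name=%s\n", overrun_bytes(big), r2, c.name);
    return 0;
}
```

With the unchecked copy, the bytes counted by overrun_bytes land in whatever memory follows the array, which is why the results are unpredictable.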
To illustrate how far-reaching this type of problem has been, in a report found
on the secureroot Web site (www.secureroot.com), Neal Krawetz reported that he
had identified a buffer overflow condition in the Shockwave Flash plug-in for Web
browsers. He states, “Macromedia’s Web page claims that 90 percent of all Web
browsers have the plug-ins installed. Because this overflow can be used to run
arbitrary code, it impacts 90 percent of all Web-enabled systems.” Now that is a scary
thought! While this report was originally written in 2001, a similar error was
reported on Adobe’s Web site in 2006 regarding Shockwave Player when it is
www.syngress.com