mailing list archives
Privacy concerns in interMute
From: john () KUWAIT NET (John Temples)
Date: Fri, 16 Jul 1999 13:59:30 -0700
interMute (www.intermute.com) is a junk filter/privacy enhancer for web
browsers. It runs as either a privileged Java applet within your
browser, or as a standalone Java application.
interMute operates as a proxy server listening on port 4444, and is
meant to operate dedicated to a single user. It correctly rejects any
service requests from IP addresses not on the local host. However, it
has no mechanism to determine whether requests coming from the local
host originated from the browsing user, or some other user.
The interMute proxy has a "home page" from which the user can configure
it and view filtering statistics for the current session. A local user
on a UNIX host can connect to another user's interMute proxy, giving
him full control over interMute. Thus various attacks and intrusions
1) The sites which were acted upon by interMute are listed in the
"statistics" area, thus revealing part of the user's browsing history;
2) interMute can be configured to chain to another proxy, thus allowing
all browsing activity to be redirected and logged without the user's
3) interMute can be configured to load a home page which could contain
4) Various denial of service attacks are possible by reconfiguring
I was unable to trick it into handling "file:" URLs or retrieving files
off the disk, except for files in the interMute home directory.
Reported to the vendor on July 9; no reply received.
John W. Temples, III
[LoWNOISE] Lotus Domino ET LoWNOISE (Jul 10)
- Re: L0pht 'Domino' Vulnerability is alive and well, (continued)