Home page logo

bugtraq logo Bugtraq mailing list archives

Privacy concerns in interMute
From: john () KUWAIT NET (John Temples)
Date: Fri, 16 Jul 1999 13:59:30 -0700

interMute (www.intermute.com) is a junk filter/privacy enhancer for web
browsers.  It runs as either a privileged Java applet within your
browser, or as a standalone Java application.

interMute operates as a proxy server listening on port 4444, and is
meant to operate dedicated to a single user.  It correctly rejects any
service requests from IP addresses not on the local host.  However, it
has no mechanism to determine whether requests coming from the local
host originated from the browsing user, or some other user.

The interMute proxy has a "home page" from which the user can configure
it and view filtering statistics for the current session.  A local user
on a UNIX host can connect to another user's interMute proxy, giving
him full control over interMute.  Thus various attacks and intrusions
are possible:

1) The sites which were acted upon by interMute are listed in the
   "statistics" area, thus revealing part of the user's browsing history;

2) interMute can be configured to chain to another proxy, thus allowing
   all browsing activity to be redirected and logged without the user's

3) interMute can be configured to load a home page which could contain
   hostile Java and/or JavaScript code;

4) Various denial of service attacks are possible by reconfiguring
   interMute's filters.

I was unable to trick it into handling "file:" URLs or retrieving files
off the disk, except for files in the interMute home directory.

Reported to the vendor on July 9; no reply received.

John W. Temples, III

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]