[ Flash DNS Rebinding Flaw Fixed ]

Well, I guess I can talk about it now since they've fixed it. Nate and I found a DNS rebinding flaw in Adobe Flash that had to do with domain name canonicalization. I'm going to post a more in depth explanation of how it worked in the coming days but I'm too busy for that right now.


Anyway, just a quick hint, this issue is actually the one we used to pull of our Picasa exploit in a reliable fasion...

edit: I would also like to point out that this is not the issue pdp found that he used to exploit routers via CSRF. I think the CVE we are given credit for in the Adobe advisory may be incorrect because it does not describe the vulnerability we discovered.

edit 2: Apparently the CVE reference was a typo on Adobe's part. Should be fixed soon hopefully. Also, there were 7 separate vulnerabilities addressed in the patch that was released including the flaw used to bring the Vista system to its knees in Pwn2Own.

edit 3: The CVE for the DNS Rebinding vulnerability is CVE-2008-1655.