Security researcher discovers Rapidshare flaw

According to Yaniv Miron, an Israel-based security researcher with M86 Security, this latest Rapidshare flaw arose because of an error condition caused by the file-sharing service's servers being overloaded.

Whilst Rapidshare has seemingly limitless amounts of server capacity, the last week or so has seen the service return a 'server busy' page to a number of users at peak times.

And, says Miron, he and his team decided to test the error message and found that there was an improper input validation vulnerability in the 'downloaderror' field.

Dissecting the error message, he and his team found what appears to be a dummy error message that, with a little manipulation, allowed someone to control all of the 'downloaderror' fields.

"For example, the file folder (623624), the file name (test.avi), and of course the error message", he said in his latest security blog.

This type of improper input validation, says Miron, can help malicious attackers create phishing pages within Rapidshare.com.

"A user that receives an email or a link to the malicious phishing page could unknowingly give away credit card information to the malicious attacker either by email or by a phone call", he said.

The good news is that, when Miron contacted Rapidshare.com regarding his team's discovery, he "received a response from the Rapidshare Abuse team assuring us that they have fixed the issue."

What’s Hot on Infosecurity Magazine?