Zero Day Subscriptions: Using RSS and Atom Feeds as Attack Delivery Systems, presented at Black Hat USA 2005

by Robert Auger, Caleb Sima

Tags: Security

Summary: This presentation will discuss the use of RSS and Atom feeds as a method of delivering exploits to client systems. In our research we have found a number of RSS clients, both local and web-based, that are far too trusting of the content that is delivered via feeds. Although this content arrives as well-formed XML, fundamentally it originated as user input elsewhere. Like any such data, it can contain malicious and malformed content, yet many clients fail to guard against this. And though such content by definition originates remotely, many clients use methods of display that cause it to be trusted as if it were locally originated.
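
The point above, seen from the client side, as an added example that is not from the presentation: a feed reader that treats every item field as untrusted input, escapes it before building display HTML, and refuses to render malformed feeds. The sample feed, the function names and the http/https link allow-list are assumptions made for this illustration.

```python
import html
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}  # assumed policy: only web links become clickable

# Constructed sample feed. It is well-formed XML, yet the first item's fields
# decode to markup that a trusting client would pass straight to its renderer.
SAMPLE_FEED = """<rss version="2.0"><channel><title>Example</title>
<item>
  <title>Hello &lt;script&gt;alert(1)&lt;/script&gt;</title>
  <link>javascript:alert(1)</link>
  <description>&lt;img src=x onerror=alert(1)&gt; text</description>
</item>
<item>
  <title>Plain item</title>
  <link>https://example.com/post/1</link>
  <description>Just text &amp; an ampersand</description>
</item>
</channel></rss>"""

def safe_link(url):
    """Return the URL only if it is an absolute http(s) link, else None."""
    url = url.strip()
    try:
        parts = urlsplit(url)
    except ValueError:
        return None
    if parts.scheme.lower() in ALLOWED_SCHEMES and parts.netloc:
        return url
    return None

def render_items(feed_xml):
    """Return one HTML fragment per item, with every feed field escaped."""
    try:
        root = ET.fromstring(feed_xml)
    except ET.ParseError:
        return []  # malformed feed: render nothing rather than guess
    fragments = []
    for item in root.iter("item"):
        # After XML parsing the text is raw user input; escape it for HTML.
        title = html.escape(item.findtext("title", default=""), quote=True)
        desc = html.escape(item.findtext("description", default=""), quote=True)
        link = safe_link(item.findtext("link", default=""))
        if link:
            href = html.escape(link, quote=True)
            fragments.append('<a href="%s">%s</a><p>%s</p>' % (href, title, desc))
        else:
            fragments.append('<span>%s</span><p>%s</p>' % (title, desc))
    return fragments
```

Rendering the resulting fragments in an unprivileged context (not a local-file or application-internal zone) addresses the second half of the summary; escaping alone does not change which zone the viewer runs in.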