Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Security Vulnerability
(1) General Vulnerabilities Description:
(1.1) Two Facebook vulnerabilities are introduced in this article.
Facebook has a security problem. It can be exploited by Open Redirect attacks. Since Facebook is trusted by large numbers of other websites. Those vulnerabilities can be used to do “Covert Redirect” to other websites such as Amazon, eBay, etc.
One Facebook Open Redirect vulnerability was reported to Facebook. Facebook adopted a new mechanism to patch it. Though the reported URL redirection vulnerabilities are patched. However, all old generated URLs are still vulnerable to the attacks. Section (2) gives detail of it.
The reason may be related to Facebook’s third-party interaction system or database management system or both. Another reason may be related to Facebook’s design for different kind of browsers.
(1.1.2) Another new Open Redirect vulnerability related to Facebook is introduced, too. For reference, please read section (3).
Tests were performed on Firefox (version 26.0) on windows 7; Firefox (version 24.0) on Ubuntu 12.10, Chrome (Version 30.0.1599.114) on Ubuntu 12.10.
Wang Jing, School of Physical and Mathematical Sciences (SPMS), Nanyang Technological University (NTU), Singapore.