Wednesday, March 29, 2017
Home / Security / Exploits / Security Hole found in Keepass Password Manager

Security Hole found in Keepass Password Manager

Keepass program

Keepass, a popular password encryption vault has been reported by Threatpost to contain a large remote exploit.  Keepass program logoThreatpost reports,

Researcher Benjamin Kunz Mejri of Vulnerability Lab said in an e-mail to Threatpost that he had discovered the hole in a software filter and validation feature in KeePass Password Manager up to and including v1.22. If exploited, the hole would enable an attacker with access to a machine running the KeePass software to inject malicious script by passing the html/xml export feature a specially crafted file.

A fortunate attacker would require a rigged URL with malevolent script code,  a logging server with read, write and execute (chmod 777) permissions, a listing data file and a logical keePass v1.22 user (also known as: the victim), Kunz Mejri published.  When exploited, the hole presents the attacker the power to steal plain  password lists, amongst other attacks, Kunz Mejri  warned.

The hole is ranked “medium” – a expression of the motive for aggressors to find local entree to a vulnerable system, and fool users into accepting certain activities to import malevolent content without acknowledging that its malicious.  Users are suggested to update Keepass as soon as an update is out.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Silent OS 3.0 for Blackphone Completely revamped

Version 3.0 migrates Silent OS to Android Marshmallow 6.0.1 and delivers the Android safety patch …