Security Hole in Amazon's Kindle Touch Allowing Attacker to Execute Arbitrary Shell Commands as root
Yet again another major security hole found in Amazon's Kindle Touch which could lead a attacker to run malicious codes and even can get root privilege. This hole has been found into the built in browser of Kindle Touch. The vulnerability is something follows - when a user navigates to a specially crafted web page, the Kindle will execute arbitrary shell commands as root. This allows attackers to access the eBook reader's underlying Linux system at the highest privilege level and potentially steal the access credentials for the Amazon account linked to the Kindle, or purchase books with the Kindle user's account.
Though Amazon have a solid excuse while saying the Kindle browser has been considered to be in "beta" for more than a year, this status doesn't reduce the risk for inquisitive users as the software is installed on each device by default.
We would like to give you reminder that, this security issue was publicly documented about three months ago but hasn't attracted much attention – except in the jailbreak community. The issue doesn't appear to affect any other Kindle models. Amazon's security department told heise Security that they are working on a patch.
-Source (The-H)
LINK TO OUR HOME PAGE :
Voice Of GREYHAT is a non-profit Organization propagating news specifically related with Cyber security threats, Hacking threads and issues from all over the spectrum. The news provided by us on this site is gathered from various Re-Sources. if any person have some FAQ's in their mind they can Contact Us. Also you can read our Privacy Policy for more info.
Thank You !
-Team VOGH
If you enjoyed VOGH News, Articles Then Do Make sure you to Subscribe Our RSS feed. Stay Tuned with VOGH and get Updated about Cyber Security News, Hacking Threads and Lots More. All our Articles and Updates will directly be sent to Your Inbox. Thank You!
-Team VOGH
Categories:
ROT
,
security-news
,
technews
,
vulnerablity