• 5,814,993
    REGISTERED
  • 41,838
    ONLINE NOW

HTC Peep Vulnerability Update

HTC Peep Vulnerability Update

XDA Moderator Noonski let us know about an interesting article published today regarding HTC Peep vulnerability. Despite we have known about this since August 2010, there was no published fix for this problem. According to the original article, the default Twitter client in HTC devices, HTC Peep, is vulnerable to two different credentials disclosure vulnerabilities during the authentication process against the Twitter service (twitter.com). The first vulnerability resides in the third HTTP request, a POST request towards the “/oauth/authorize” resource, which contains several parameters, including the Twitter user name and password in the clear, making the authentication process vulnerable to eavesdropping attacks.
The latest information claims that there is a fix: HTC replies back informing “…that for the time being the update hasn’t yet been released on the website however, any customer who wishes to download it can contact us and we will send it out to them”.

Originally posted by Noonski
Maybe of interest

HTC Peep vulnerability.

Continue reading.

Thanks to our friend and XDA member pof for the tip

_________
Want something on the XDA Portal? Send us a tip! -- Join us for xda:devcon 2014!
Advertisment
Advertisement

XDA TV: Most Recent Video

Buy/Sell on Swappa

  • Nexus 5 (Unlocked) buy | sell
  • Galaxy Note 3 (T-Mobile) buy | sell
  • HTC One M7 (Verizon) buy | sell
  • Galaxy S 5 (Unlocked) buy | sell
  • Nexus 7 2013 buy | sell
  • Swappa is the official marketplace of XDA