Discovered by: Dan Kaminsky, RSnake, Dan Boneh
Presented at ToorCon 2007, this attack used DNS Rebinding to bypass the Same Origin Policy and build a tunnel into a remote network using only a lured web browser (and its associated grab bag of Web 2.0 technologies like Flash, Java, and JavaScript). This vulnerability can best be described as a design bug in Web 2.0, and we’re all waiting for it to be fixed in Web 2.0 Service Pack 1.