LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 06-02-2006, 06:43 PM   #16
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371

Mozilla Firefox 1.5.0.4 has been released. It addresses several security issues.
 
Old 06-03-2006, 02:10 AM   #17
Ygrex
Member
 
Registered: Nov 2004
Location: Russia (St.Petersburg)
Distribution: Debian
Posts: 640

Rep: Reputation: 65
yes, yes, we know it well
 
Old 06-06-2006, 08:11 PM   #18
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox File Upload Form Keystroke Event Cancel Vulnerability (Not Critical)

Quote:
Description:
Charles McAuley has reported a vulnerability in Firefox, which can be exploited by malicious people to trick users into disclosing sensitive information.

The vulnerability is caused due to a design error where a script can cancel certain keystroke events when entering text. This can be exploited to trick a user into typing a filename in a file upload input field by changing focus and cancel the "OnKeyPress" JavaScript event on certain characters.

Successful exploitation allows an arbitrary file on the user's system to be uploaded to a malicious web site, but requires that the user types a text containing the characters of the filename.

The vulnerability has been confirmed in version 1.5.0.4. Other versions may also be affected.

Solution:
Disable JavaScript support.

Do not enter suspicious text when visiting untrusted web sites.
Secunia Advisory

FYI: This bug seems to affect Mozilla, Seamonkey, and Netscape as well.

Last edited by win32sux; 06-06-2006 at 08:27 PM.
 
Old 06-26-2006, 04:25 PM   #19
vimal
Red Hat India
 
Registered: Nov 2004
Location: Kerala/Pune,india
Distribution: RedHat, Fedora
Posts: 260

Rep: Reputation: 34
Hello,

Firefox needn't be compiled, so it really does not replace the binary '/usr/bin/firefox'. When you untar the archive, it just gets unpacked and a new directory called 'firefox' is created with the contents. You can call the new firefox binary by issuing the complete path.. ie.. firefox/firefox&, staying where the package is unpacked. The plugins and extensions reside in the '.mozilla/plugins/' directory in your home folder. The bookmarks are written in the file 'bookmarks.html' in the directory '.mozilla/firefox/PROFILE', where PROFILE is your profile name. Also if you need the command 'firefox' to call the new firefox binary, just create a soft link to the new location for '/usr/bin/firefox'.
ie.. ln -s /home/username/firefox/firefox /usr/bin/firefox

Thanks..
 
Old 07-15-2006, 05:19 PM   #20
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Mozilla Firefox and Mozilla Thunderbird 1.5.0.5 Community Test Day

From mozillaZine:
Quote:
In preparation for the forthcoming releases of Mozilla Firefox 1.5.0.5 and Mozilla Thunderbird 1.5.0.5, a 1.5.0.5 Community Test Day is taking place today. From 7:00am until 5:00pm Pacific Daylight Time (2:00pm until 12:00am UTC), testers will be invited to check the latest release candidate builds of 1.5.0.5 for new bugs and regressions. The event will be coordinated via a special IRC channel.

According to the Firefox 1.5.0.5 schedule, the planned release dates for Firefox 1.5.0.5 and Thunderbird 1.5.0.5 are Tuesday 25th July and Thursday 27th July respectively. All users will be encouraged to update to these maintenance releases, which will include security and stability updates but no new features.

Last edited by win32sux; 07-15-2006 at 05:20 PM.
 
Old 07-26-2006, 09:04 PM   #21
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 1.5.0.5 has been released.
 
Old 08-17-2006, 08:42 PM   #22
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Mozilla Firefox Memory Corruption Weakness (Not Critical)

Quote:
Description:
Michal Zalewski has discovered a weakness in Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an unspecified error and can be exploited to corrupt memory.

Successful exploitation crashes the browser. Execution of arbitrary code has not been proven, but can't be completely ruled out.

The weakness has been confirmed in version 1.5.0.6 for Windows. Other versions may also be affected.

NOTE: Secunia normally doesn't classify a browser crash as a vulnerability nor issue an advisory about it. However, the potential risc of this issue may be more severe than currently believed, which justifies for an advisory being issued.

Solution:
Do not visit untrusted web sites.
Secunia Advisory

Not sure if this affects the GNU/Linux version of Firefox. Can anyone confirm?

Last edited by win32sux; 08-17-2006 at 10:51 PM.
 
Old 09-15-2006, 06:14 AM   #23
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Exclamation Mozilla Firefox Multiple Vulnerabilities (HIGHLY CRITICAL)

Quote:
Description:
Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct man-in-the-middle, spoofing, and cross-site scripting attacks, and potentially compromise a user's system.

1) An error in the handling of JavaScript regular expressions containing a minimal quantifier can be exploited to cause a heap-based buffer overflow.

Successful exploitation may allow execution of arbitrary code.

2) The auto-update mechanism uses SSL to communicate securely. The problem is that users may have accepted an unverifiable self-signed certificate when visiting a web site, which will allow an attacker to redirect the update check to a malicious web site in a man-in-the-middle attack.

3) Some time-dependent errors during text display can be exploited to corrupt memory.

Successful exploitation may allow execution of arbitrary code.

4) An error exists within the verification of certain signatures in the bundled Network Security Services (NSS) library.

5) An error in the cross-domain handling can be exploited to inject arbitrary HTML and script code in a sub-frame of another web site via a "[window].frames[index].document.open()" call.

6) An error exists due to blocked popups opened from the status bar via the "blocked popups" functionality being opened in an incorrect context in certain situations. This may be exploited to execute arbitrary HTML and script code in a user's browser session in context of an arbitrary web site.

7) Some unspecified memory corruption errors may be exploited to execute arbitrary code.

Solution:
Update to version 1.5.0.7.
http://www.mozilla.com/firefox/
Secunia Advisory
 
Old 09-19-2006, 03:10 PM   #24
the_darkside_986
Member
 
Registered: Feb 2006
Distribution: Ubuntu Feisty (7.04)
Posts: 106

Rep: Reputation: 15
It seems that the popular browsers like IE and Firefox are attacked, but mostly IE. So I guess I should use an obscure browser like lynx or something when I want to visit a dangerous looking site (not that I visit any sites that I don't trust...) since I don't think anyone would waste time writing a virus for a text-based browser lol.
 
Old 10-01-2006, 08:25 PM   #25
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Exclamation Hackers claim zero-day flaw in Firefox

Quote:
The open-source Firefox Web browser is critically flawed in the way it handles JavaScript, two hackers said Saturday afternoon. [...] The JavaScript issue appears to be a real vulnerability, Window Snyder, Mozilla's security chief, said after watching a video of the presentation Saturday night.
Full Story

Last edited by win32sux; 10-01-2006 at 08:28 PM.
 
Old 10-02-2006, 07:30 AM   #26
the_darkside_986
Member
 
Registered: Feb 2006
Distribution: Ubuntu Feisty (7.04)
Posts: 106

Rep: Reputation: 15
It says that all OS users are affected (Windows, Mac OSX, Linux) but I don't see how it could get me if I am running Suse Linux as non-root. But I guess it would try to get my e-mail address. That's just more annoying than it is malicious.
 
Old 10-02-2006, 08:36 AM   #27
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,529
Blog Entries: 51

Rep: Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601Reputation: 2601
The open-source Firefox Web browser is critically flawed in the way it handles JavaScript
No kidding. Anyone who has ever disabled Java and Javascript in FF knows you can *still* encounter the "Do you want to stop this script?" message that only pops up when a Javascript has run for too long (dom.max_script_run_time, IIRC) which means even if it says "off" it apparently *still* parses Javascript.


But I guess it would try to get my e-mail address.
I read three counts of being able to "execute arbitrary code" which, even if you couldn't exploit that in any practical way, each would be far more interesting than harvesting mere email addresses.
 
Old 10-02-2006, 09:54 AM   #28
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Ubuntu / Windows dual boot (for now)
Posts: 515

Rep: Reputation: 30
For unSpawn (and anyone else reading)

I ran accross that "zero day" article too (http://news.zdnet.com/2100-1009_22-6121608.html). I have two (2) questions. The 1st question is easy:

1) What does "zero day" mean?

The 2nd question requires a bit of background.

Assume I am running FF and some malicious script wants to get in and assume it does get it. Let's pretend that the command it runs is something to wipe my files, like: "rm -fr ~/*"

Now, assume I have two (2) Linux user accounts (neither is root). They both share the same "home" partition but of course, each account has its own home directory. Also, User account #1 has more read and write privledges (sp?)than User account #2. For example, User account #1 can read and write everything in both User account home directories. User account #2, however, can only read and write to its own home directory, though it can read the mp3 files I have in the User account #1directory.

My 2nd question:

2) If I am running Firefox via User account #2 and this malicious script jumps on board, will it fark up the directories in both user accounts, or only User account #2? What about my mp3 files?

Thanks!
 
Old 10-02-2006, 10:43 AM   #29
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by MBA Whore
1) What does "zero day" mean?
http://en.wikipedia.org/wiki/Zero_da...ulnerabilities

Quote:
2) If I am running Firefox via User account #2 and this malicious script jumps on board, will it fark up the directories in both user accounts, or only User account #2? What about my mp3 files?
it depends... typically browser exploits will allow code to be executed with the privilages of the user running it... in that case, the regular linux/unix permission scheme will prevent the non-writable files from being compromised...

but once an attacker has the ability to execute code as the non-root user running firefox, he has the possibility of hitting you with a local privilage escalation exploit (if you have such a vulnerability on your system) - and of course once he gets to be root, then system access is virtually unlimited for him - unless you have setup some sort of additional armour like selinux or something like that...

Last edited by win32sux; 10-02-2006 at 11:57 AM.
 
Old 10-02-2006, 12:36 PM   #30
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Ubuntu / Windows dual boot (for now)
Posts: 515

Rep: Reputation: 30
Quote:
Originally Posted by win32sux
http://en.wikipedia.org/wiki/Zero_da...ulnerabilities

it depends... typically browser exploits will allow code to be executed with the privilages of the user running it... in that case, the regular linux/unix permission scheme will prevent the non-writable files from being compromised...

but once an attacker has the ability to execute code as the non-root user running firefox, he has the possibility of hitting you with a local privilage escalation exploit (if you have such a vulnerability on your system) - and of course once he gets to be root, then system access is virtually unlimited for him - unless you have setup some sort of additional armour like selinux or something like that...

How can you prevent a "local privilage escalation exploit?" Is there certain software you dl or do you need to play around with your OS settings?

What about requiring "root" to install something? I was under the impression that in Linux you do not normally run as root, so if something tried to install, some pop up window would say "you need root access to proceed" . . .or something like that. Since I am obviously not running as root, how could it install something?

Or is it more complicated than the "do not run as root" argument?

Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mozilla Thunderbird to Find New Home as Mozilla Foundation Focuses on Mozilla Firefox LXer Syndicated Linux News 0 07-27-2007 09:16 AM
LXer: Mozilla Firefox 1.5.0.8 and Mozilla Thunderbird 1.5.0.8 Released LXer Syndicated Linux News 0 11-09-2006 05:21 PM
LXer: Mozilla Corporation Signs Mozilla Firefox Distribution Deal with RealNetworks LXer Syndicated Linux News 0 08-03-2006 03:21 PM
LXer: Mozilla Firefox and Mozilla Thunderbird 1.5.0.5 Community Test Day LXer Syndicated Linux News 0 07-14-2006 08:54 AM
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! t3gah Linux - Security 6 04-09-2006 04:00 AM


All times are GMT -5. The time now is 07:02 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration