LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 02-16-2007, 09:31 PM   #46
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Mozilla Firefox "locations.hostname" DOM Property Handling Vulnerability


MODERATELY CRITICAL
Quote:
Description:
Michal Zalewski has reported a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to an error in the handling of the "locations.hostname" DOM property. This can be exploited to e.g. manipulate authentication cookies for an arbitrary web site via assigning a URL including a NULL character ("\x00") to "locations.hostname".

Successful exploitation requires that the user is e.g. tricked into visiting a malicious web site.

The vulnerability is reported in version 2.0.0.1. Other versions may also be affected.

NOTE: Other issues have also been reported, some of which are also related to the "locations.hostname" DOM property.

Solution:
Do not browse untrusted web sites.
Secunia Advisory | CVE-2007-0981
 
Old 02-19-2007, 02:02 PM   #47
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Mozilla Firefox "_blank" Phishing Weakness

NOT CRITICAL
Quote:
Description:
Michal Zalewski has discovered a weakness in Firefox, which can be exploited by malicious people to conduct phishing attacks.

The weakness is caused due to Firefox allowing scripts to open a tab with a blank address bar and add arbitrary content to it. This can further be exploited to spoof the user interface, including setting the title to an arbitrary value.

The weakness is confirmed in version 2.0.0.1. Other versions may also be affected.

Solution:
Do not browse untrusted sites.
Secunia Advisory
 
Old 02-24-2007, 03:53 PM   #48
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Exclamation Mozilla Firefox Multiple Vulnerabilities

HIGHLY CRITICAL
Quote:
Description:
Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and spoofing attacks, gain knowledge of sensitive information, and potentially compromise a user's system.

1) An error in the handling of the "locations.hostname" DOM property can be exploited to bypass certain security restrictions.

For more information:
SA24175

2) An integer underflow error in the Network Security Services (NSS) code when processing SSLv2 server messages can be exploited to cause a heap-based buffer overflow via a certificate with a public key too small to encrypt the "Master Secret".

Successful exploitation may allow execution of arbitrary code.

NOTE: Support for SSLv2 is disabled in Firefox 2.x. This version is only vulnerable if user has modified hidden internal NSS settings to re-enable SSLv2 support.

3) It is possible to conduct cross-site scripting attacks against sites containing a frame with a "data:" URI as source.

Successful exploitation requires that a user is tricked into visiting a malicious website and opening a blocked popup.

4) It is possible to open windows containing local files thereby stealing the contents when the full path of a locally saved file containing malicious script code is known. This can be exploited in combination with a flaw in the seeding of the pseudo-random number generator causing downloaded files to be saved to temporary files with a somewhat predictable name.

Successful exploitation requires that a user is tricked into visiting a malicious website and opening a blocked popup.

5) Browser UI elements like the host name and security indicators can be spoofed using a specially crafted custom cursor and manipulating the CSS3 hotspot property.

6) It may be possible to gain knowledge of sensitive information from a website due to an error resulting in two web pages colliding in the disk cache thereby potentially appending part of one document to the other.

Successful exploitation requires that a user is tricked into visiting a malicious website while visiting the target website.

7) Various errors in the Mozilla parser when handling invalid trailing characters in HTML tag attribute names and during processing of UTF-7 content when child frames inherit the character set of its parent window can be exploited to conduct cross-site scripting attacks.

8) A vulnerability in the Password Manager may be exploited to conduct phishing attacks.

For more information:
SA23046

9) Multiple memory corruption errors exist in the layout engine, JavaScript engine, and in SVG. Some of these may be exploited to execute arbitrary code on a user's system.

Secunia has constructed the Secunia Software Inspector, which you can use to check if your system is vulnerable:
http://secunia.com/software_inspector/

Solution:
Update to version 2.0.0.2 or 1.5.0.10.
Secunia Advisory
 
Old 02-25-2007, 01:35 PM   #49
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Ubuntu / Windows dual boot (for now)
Posts: 515

Rep: Reputation: 30
Wait, What ?

Quote:
Originally Posted by win32sux
HIGHLY CRITICAL
Secunia Advisory

Solution:
Update to version 2.0.0.2 or 1.5.0.10.

How would "upgrading" to a lower version "1.5" help?
 
Old 02-25-2007, 03:58 PM   #50
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,732
Blog Entries: 12

Rep: Reputation: 455Reputation: 455Reputation: 455Reputation: 455Reputation: 455
1.5 is a different branch, not a downgrade.

Mozilla released 2.0.0.2 yesterday and Debian released Iceweasel 2.0.0.2 today.
 
Old 02-25-2007, 04:11 PM   #51
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by MBA Whore
Solution:
Update to version 2.0.0.2 or 1.5.0.10.

How would "upgrading" to a lower version "1.5" help?
both 2.0.0.y and 1.5.0.y trees are receiving security updates... so for people using 1.5.0.y (such as those of us on Ubuntu 6.06 LTS), then 1.5.0.10 would be the version we'd apt-get update/upgrade to in order to get the latest security fixes in the most stable manner possible...

EDIT: heh, just saw craigevil already replied... oh well...
 
Old 02-27-2007, 03:42 PM   #52
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Ubuntu / Windows dual boot (for now)
Posts: 515

Rep: Reputation: 30
Since Iceweasel

Quote:
Originally Posted by craigevil
1.5 is a different branch, not a downgrade.

Mozilla released 2.0.0.2 yesterday and Debian released Iceweasel 2.0.0.2 today.

Since Iceweasel is based upon Firefox, does that mean Iceweasel would have the same potential problems noted in these recent Firefox flaws?
 
Old 02-27-2007, 06:02 PM   #53
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,732
Blog Entries: 12

Rep: Reputation: 455Reputation: 455Reputation: 455Reputation: 455Reputation: 455
Debian Changelog iceweasel (2.0.0.2+dfsg-1)
http://packages.debian.org/changelog...sg-1/changelog

Mozilla Foundation Security Advisories
http://www.mozilla.org/projects/secu...firefox2.0.0.2

Covers the recent fixes and changes, the security fixes should be the same for Iceweasel and Firefox.
 
Old 03-20-2007, 08:32 PM   #54
batteryfans
Newbie
 
Registered: Mar 2007
Posts: 1

Rep: Reputation: 0
Question which IE explore is more safe

I usually use two IE explores , one is IE6.0, the other is firefox
I want to know which one is more safe to my system. who can tell me , thanks
 
Old 03-21-2007, 04:08 AM   #55
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by batteryfans
I usually use two IE explores , one is IE6.0, the other is firefox
I want to know which one is more safe to my system. who can tell me , thanks
this is kinda off-topic for this thread... additionally, if you are referring to IE and Firefox on Windows, then this is kinda off-topic for this forum... if the latter is the case, please start a thread in the General (non-Linux) forum... either way, this present thread will not be turned into an IE vs. Firefox disussion...

Last edited by win32sux; 03-21-2007 at 04:27 AM.
 
Old 03-21-2007, 02:51 PM   #56
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Firefox 2.0.0.3 and 1.5.0.11 are out!

They address an FTP PASV port-scanning vulnerability.

1.5.0.11 Release Notes: http://www.mozilla.com/en-US/firefox.../1.5.0.11.html

2.0.0.3 Release Notes: http://www.mozilla.com/en-US/firefox.../releasenotes/

Quote:
The FTP protocol includes the PASV (passive) command which is used by Firefox to request an alternate data port. The specification of the FTP protocol allows the server response to include an alternate server address as well, although this is rarely used in practice.

mark@bindshell.net reported that a malicious web page hosted on a specially-coded FTP server could use this feature to perform a rudimentary port-scan of machines inside the firewall of the victim. By itself this causes no harm, but information about an internal network may be useful to an attacker should there be other vulnerabilities present on the network.

Mozilla clients will now ignore the alternate server address.

Last edited by win32sux; 03-21-2007 at 02:54 PM.
 
Old 04-02-2007, 01:25 PM   #57
entz
Member
 
Registered: Mar 2007
Location: Milky Way , Planet Earth!
Distribution: Opensuse
Posts: 453
Blog Entries: 3

Rep: Reputation: 40
Question Two FF versions?

Well , this is the first time I see a software having 2 different version lines being maintained simultaneously !
actually , I've Firefox 1.5.0.7 , should I upgrade to 1.5.0.11 or to the 2.0.0.3 ?
guess this is a lil bit weird , isn't it?

P.S HOw secure/insecure is my current 1.5.0.7 version ?

UPDATE:
I just trusted my dawg and downloaded 2.0.0.3 let's hope that the installation won't be a pain in buttom , LOL

Last edited by entz; 04-02-2007 at 02:06 PM.
 
Old 04-06-2007, 09:56 AM   #58
MBA Whore
Member
 
Registered: May 2006
Location: Kansas City, MO
Distribution: Ubuntu / Windows dual boot (for now)
Posts: 515

Rep: Reputation: 30
From what little I know

Quote:
Originally Posted by entz
Well , this is the first time I see a software having 2 different version lines being maintained simultaneously !
actually , I've Firefox 1.5.0.7 , should I upgrade to 1.5.0.11 or to the 2.0.0.3 ?
guess this is a lil bit weird , isn't it?

P.S HOw secure/insecure is my current 1.5.0.7 version ?

UPDATE:
I just trusted my dawg and downloaded 2.0.0.3 let's hope that the installation won't be a pain in buttom , LOL

entz:

From what little I know, the 1.5 line of Firefox will discontinue security updates as of the end of April 2007. The firefox 2.0 line is the new line.

I don't notice much difference between the 2 lines. However, I have noticed that firefox (regardless of the line) performs better in Linux than in Windows.
 
Old 05-06-2007, 08:25 PM   #59
nathanhillinbl
Member
 
Registered: Aug 2005
Location: Upstate NY
Distribution: Ubuntu 7.10 Gutsy Gibbon
Posts: 100

Rep: Reputation: 15
You might want to update the top post, because i'm running Firefox 1.5.0.7, i'm not sure weather a newer update has came out or not, but still.
 
Old 05-07-2007, 01:47 PM   #60
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally Posted by nathanhillinbl
You might want to update the top post, because i'm running Firefox 1.5.0.7, i'm not sure weather a newer update has came out or not, but still.
The OP has been updated, thanks. There's been several security updates issued since 1.5.0.7. As has been posted, the current 1.5 version is 1.5.0.11. Either way, you really need to consider upgrading to 2.0.0.x, as is made clear by Mozilla on their Firefox 1.5.0.x download page:
Quote:
Firefox 1.5.0.x will be maintained with security and stability updates until mid-May, 2007. All users are strongly encouraged to upgrade to Firefox 2.
Mid-May starts in like 3 days. =/

Last edited by win32sux; 05-07-2007 at 02:06 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Mozilla Thunderbird to Find New Home as Mozilla Foundation Focuses on Mozilla Firefox LXer Syndicated Linux News 0 07-27-2007 09:16 AM
LXer: Mozilla Firefox 1.5.0.8 and Mozilla Thunderbird 1.5.0.8 Released LXer Syndicated Linux News 0 11-09-2006 05:21 PM
LXer: Mozilla Corporation Signs Mozilla Firefox Distribution Deal with RealNetworks LXer Syndicated Linux News 0 08-03-2006 03:21 PM
LXer: Mozilla Firefox and Mozilla Thunderbird 1.5.0.5 Community Test Day LXer Syndicated Linux News 0 07-14-2006 08:54 AM
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! t3gah Linux - Security 6 04-09-2006 04:00 AM


All times are GMT -5. The time now is 04:39 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration