LinuxQuestions.org
09-26-2008, 07:55 PM   #106
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 380
Multiple Web Browsers Affected by Clickjacking


Quote:
US-CERT is aware of public reports of a new cross-browser exploit technique called "Clickjacking." According to one of the reports, Clickjacking gives an attacker the ability to trick a user into clicking on something only barely or momentarily noticeable. Therefore, if a user clicks on a web page, they may actually be clicking on content from another page. A separate report indicates that this flaw affects most web browsers and that no fix is available, but that disabling browser scripting and plug-ins may help mitigate some of the risks.

An additional report suggests that Firefox users consider using the NoScript plug-in as an added preventative measure. Disabling IFRAMEs by default, as outlined in the Securing Your Web Browser document, is reported to protect against the vulnerability.

US-CERT encourages users to review the report and follow the security recommendations as described in the Securing Your Web Browser document to help mitigate some of the risks.

US-CERT will provide additional information as it becomes available.
US-CERT Current Activity
 
10-01-2008, 10:04 AM   #107
win32sux
Mozilla Firefox "keypress" User Interface Event Dispatching Weakness

Haven't been able to confirm whether the GNU/Linux version is affected, but here it is:
Quote:
Description:
Aditya K Sood has discovered a weakness in Mozilla Firefox, which can be exploited by malicious people to cause a DoS (Denial of Service).

The weakness is caused due to an error when dispatching "keypress" user interface events with e.g. the HTML root element as target. This may potentially result in use of invalid memory or memory corruption via a specially crafted web page.

Successful exploitation crashes the browser. However, even though code execution has not been proven, it can't be completely ruled out.

The weakness is confirmed in version 3.0.3 for Windows. Version 2.x is not affected.

NOTE: Secunia normally does not classify a browser crash as a vulnerability nor issue an advisory about it. However, the potential impact of this issue may be more severe than currently believed.

Solution:
The weakness is fixed in the pre-release nightly builds of 3.1 and will be fixed in the upcoming version 3.0.4.
Secunia Advisory
 
10-14-2008, 12:36 PM   #108
win32sux
Firefox .url Shortcut File Information Disclosure

Quote:
Description:
A vulnerability has been reported in Firefox, which can be exploited by malicious people to disclose sensitive information.

The vulnerability is caused due to an error when processing .url shortcuts in HTML elements. This can be exploited to disclose potentially sensitive information from the cache.

Successful exploitation requires that a user is e.g. tricked into opening an HTML page from a local directory or a RAR archive containing .url files.

The vulnerability is reported in version 3.0.3. Other versions may also be affected.

Solution:
Do not open HTML files from untrusted sources.
Secunia Advisory
 
11-12-2008, 09:05 PM   #109
win32sux
Firefox 3.0.4 has been released.

It includes fixes for many security vulnerabilities, several of which are categorized as critical.
 
12-12-2008, 05:27 PM   #110
keithinfrance
LQ Newbie
 
Registered: May 2007
Location: France, Josselin
Distribution: Kanotix,Knoppix,Myrinix
Posts: 9
Blog Entries: 1

Rep: Reputation: 1
Firefox - Banking problems ..... does it affect Linux users

http://www.techjaws.com/firefox-user...f-new-malware/

From the report ….

SYMPTOMS:
Presence of the:
“%ProgramFiles%\Mozilla Firefox\plugins\npbasic.dll”
“%ProgramFiles%\Mozilla Firefox\chrome\chrome\content\browser.js”
files in the Mozilla Firefox’s plugins and chrome folders.

TECHNICAL DESCRIPTION:
It drops an executable file (which is a Firefox 3 plugin) and a JavaScript file (detected by Bitdefender as: Trojan.PWS.ChromeInject.A) into the Firefox plugins and chrome folders respectively.

Checks may be needed to see if a similar version of the code can run in Linux ….

Will the following files run in Linux?
(using Wine? will a .dll run in Linux!!!)
Can the virus work without the .dll running?

Is there another version that works within Linux?

Does anybody know - if it has been checked out yet?

________________________________________________________________________________

I have added this on here as I want to find out quickly if this can run in Linux

or if there is another version aimed at Linux?
 
12-12-2008, 08:28 PM   #111
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by keithinfrance
Will the following files run in Linux? (..) Can the virus work without the .dll running? (..) Is there another version that works within Linux? (..) Does anybody know - if it has been checked out yet?

0) it needs an incendiary (piggyback on something else or active install by the user), 1) the malware currently queries the registry for the Mozilla install path, 2) it's not an executable or a plugin but an add-on showing the name "npbasic" in the add-ons screen, 3) the files it drops or changes are chrome\chrome\content\browser.js, chrome\chrome\content\browser.xul, plugins\npbasic.dll, plugins\npbasic.dll1 and chrome\browser.manifest, 4) DLLs are not equal to .so's and 5) the "add-on" will be activated when the browser is restarted. So my short answer would be "no", and not right now and that I know of.
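
A check for the file names listed in the two posts above, as an added example that is not part of the thread: it walks a Firefox install directory, matches the relative paths case-insensitively, and hashes each match so it can be compared with a clean install. The function names and the idea of passing the install directory as an argument are assumptions of this example.

```python
import hashlib
import os
import sys

# Relative to the Firefox install directory; names taken from the thread.
# The quoted report treats the presence of these two as a symptom.
REPORTED_SYMPTOMS = {
    "plugins/npbasic.dll",
    "chrome/chrome/content/browser.js",
}
# Further files the reply says are dropped or changed. A match here is a
# prompt to compare with a clean install, not proof of infection.
DROPPED_OR_CHANGED = {
    "chrome/chrome/content/browser.xul",
    "plugins/npbasic.dll1",
    "chrome/browser.manifest",
}


def sha256_of(path):
    """Hash a file in chunks so large files are not read into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def scan_firefox_dir(root):
    """Map each matching file (relative, '/'-separated) to (category, sha256)."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            key = rel.lower()  # Windows paths are case-insensitive
            if key in REPORTED_SYMPTOMS:
                hits[rel] = ("symptom", sha256_of(full))
            elif key in DROPPED_OR_CHANGED:
                hits[rel] = ("compare-with-clean-install", sha256_of(full))
    return hits


if __name__ == "__main__" and len(sys.argv) == 2:
    # Argument (assumed): a Firefox install directory, e.g. on a mounted
    # Windows partition or inside a Wine prefix.
    for rel, (category, digest) in sorted(scan_firefox_dir(sys.argv[1]).items()):
        print(f"{category:28} {digest}  {rel}")
```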
 
12-13-2008, 07:05 AM   #112
keithinfrance
Thanks ....

Cheers ... I was just worried that there might be a similar one ....... on linux.

The other reason I wrote this was just to make sure as many people were aware of it as possible ...... that way a solution if needed could be found quickly.

Thanks for your timely response ..... Keith.....
 
12-13-2008, 08:24 AM   #113
unSpawn
Quote:
Originally Posted by keithinfrance
I was just worried that there might be a similar one ....... on linux.

No, all I said was that I am not aware of there being one right now. I explicitly did not say that Firefox add-ons, plugins and whatnot or their delivery methods are without problems.


Quote:
Originally Posted by keithinfrance
The other reason I wrote this was just to make sure as many people were aware of it as possible ...... that way a solution if needed could be found quickly.

If you want a solution you should use the developers' bug tracker first IMHO.
 
12-17-2008, 11:59 AM   #114
win32sux
Firefox 3.0.5 has been released.

It includes fixes for many security vulnerabilities, several of which are categorized as critical.
 
01-02-2009, 06:18 AM   #115
win32sux
A recent post on the Mozilla Security Blog warns about the dangers of the recently disclosed MD5 weakness.

I'm posting a heads-up here, but please use this thread if you wish to discuss the vulnerability.
 
02-04-2009, 06:34 AM   #116
win32sux
Firefox 3.0.6 has been released.

It includes fixes for many security vulnerabilities, one of which is categorized as critical.
 
02-20-2009, 05:38 PM   #117
win32sux
Mozilla Firefox International Domain Name Subdomain URI Spoofing Vulnerability

Quote:
Mozilla Firefox is affected by a URI-spoofing vulnerability because it fails to adequately handle specific characters in international domain name (IDN) subdomains.

An attacker may leverage this issue to spoof the source URI of a site presented to an unsuspecting user. This may lead to a false sense of trust because the user may be presented with a source URI of a trusted site while interacting with the attacker's malicious site.

Firefox 3.0.6 is vulnerable; other versions may also be affected.
Bugtraq

For tons of articles about this guy's findings, click here.

Last edited by win32sux; 02-20-2009 at 05:42 PM.
 
02-20-2009, 08:22 PM   #118
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid/RPIOS
Posts: 4,883
Blog Entries: 28

Rep: Reputation: 533
about:config

network.enableIDN toggle to false

This was a bug in Firefox a while back; you would have thought they would have fixed it by now.
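
A defender-side check related to the IDN spoofing advisory and the workaround above, as an added example that is not part of the thread: it prints a hostname in its ASCII-compatible (Punycode) form and flags labels that contain non-ASCII characters, symbols, or letters from more than one script. The function names and sample hostnames are constructed for this example, and the script test (first word of each character's Unicode name) is a heuristic that will also flag some legitimate names.

```python
import unicodedata
from urllib.parse import urlsplit


def label_scripts(label):
    """Scripts of the letters in a label (first word of each Unicode name)."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def to_ace(label):
    """ASCII-compatible form of one label, or None if it cannot be encoded."""
    try:
        return label.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def inspect_host(url):
    """Return (ace_hostname, findings); findings is a list of (label, reason)."""
    host = urlsplit(url).hostname or ""
    ace_labels, findings = [], []
    for label in host.split("."):
        ace = to_ace(label)
        ace_labels.append(label if ace is None else ace)
        if all(ord(ch) < 128 for ch in label):
            if label.startswith("xn--"):
                findings.append((label, "already Punycode-encoded"))
            continue
        # Anything that is neither a letter, a digit nor '-' is reported first.
        symbols = [ch for ch in label if not (ch.isalnum() or ch == "-")]
        scripts = sorted(label_scripts(label))
        if symbols:
            reason = "non-alphanumeric " + ",".join(f"U+{ord(ch):04X}" for ch in symbols)
        elif len(scripts) > 1:
            reason = "mixed scripts: " + "+".join(scripts)
        else:
            reason = "non-ASCII label"
        findings.append((label, reason))
    return ".".join(ace_labels), findings


if __name__ == "__main__":
    # Constructed samples; \u0430 is CYRILLIC SMALL LETTER A.
    for sample in ("https://www.mozilla.org/",
                   "http://www.b\u00fccher.example/",
                   "http://login.ex\u0430mple.example/"):
        print(sample.encode("unicode_escape").decode(), inspect_host(sample))
```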
 
02-24-2009, 04:03 AM   #119
win32sux
Mozilla Firefox 'designMode' Null Pointer Dereference Denial of Service Vulnerability

Quote:
Mozilla Firefox is prone to a remote denial-of-service vulnerability.

Successful exploits can allow attackers to crash the affected browser, resulting in denial-of-service conditions.

Firefox 3.0.5 and 3.0.6 are vulnerable; other versions may also be affected.
Bugtraq

NOTE: I can confirm the exploit works on Firefox 3.0.6 (Ubuntu 8.10).

Last edited by win32sux; 02-24-2009 at 06:29 AM.
 
03-04-2009, 07:03 PM   #120
win32sux
Firefox 3.0.7 has been released.

It includes fixes for several security vulnerabilities. Release notes available here.
 
  


All times are GMT -5.