LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (http://www.linuxquestions.org/questions/linux-security-4/)
-   -   Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! (http://www.linuxquestions.org/questions/linux-security-4/mozilla-flaws-could-allow-attacks-data-access-into-firefox-and-mozilla-web-browsers-314670/)

t3gah 04-18-2005 06:38 PM

Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers!
 
Quote:

Mozilla flaws could allow attacks, data access!

Date: Monday, 18 April 2005
... could allow an attacker to install malicious code or steal personal data have been discovered in the Mozilla Suite and the Firefox open-source browser.

Details of the nine flaws were published on Mozilla's security Web site over the weekend.
Quote link > http://www.linuxsecurity.com/content/view/118903/65/

Any Mozilla.org browser earlier than Mozilla 1.7.7 and Firefox 1.0.3 is vulnerable.

So if you've downloaded that Firefox 1.0.2-3 RPM from http://fedora.redhat.com you may be in for it!

secesh 04-18-2005 09:22 PM

1) since it was c-net's article, why not give them the credit, instead of linking through linux security, which just copied the article?

2) this backs the (inacurate) arguement that there is no such thing as a virus in linux, only shoddy permissions. The vulnerability in mozilla/firefox would be far more devistating to a windows user, especially one with admin rights (most any windows user). and far less could be accomplished by gaining regular-user access to a linux machine -- because nobody here runs as root regularly... --this, and the market share of windows means i expect more exploits to be written for a windows platform... giving me even less concern over this issue

in conclusion, go ahead and scream about it in a windows forum, but i don't think we need all the hype in here... maybe i'm a little too low-key, but i don't see this as a major threat. moreover, i get a kick out of how people have come running to me to tell me about security vulnerabilities they've heard exist in firefox (because i like to promote it to people, they like to share their experiences) --because somehow they never hear of problems with security with IE, or windows in general. i laugh at them, and try to polietly explain how vulnerabilities are a fact of life, and always will be.

reddazz 04-19-2005 12:44 AM

A dramatic article from cnet, for flaws that have already been publicly mentioned over the last few weeks.

kencaz 04-19-2005 01:02 AM

Quote:

Originally posted by secesh
1) since it was c-net's article, why not give them the credit, instead of linking through linux security, which just copied the article?

2) this backs the (inacurate) arguement that there is no such thing as a virus in linux, only shoddy permissions. The vulnerability in mozilla/firefox would be far more devistating to a windows user, especially one with admin rights (most any windows user). and far less could be accomplished by gaining regular-user access to a linux machine -- because nobody here runs as root regularly... --this, and the market share of windows means i expect more exploits to be written for a windows platform... giving me even less concern over this issue

in conclusion, go ahead and scream about it in a windows forum, but i don't think we need all the hype in here... maybe i'm a little too low-key, but i don't see this as a major threat. moreover, i get a kick out of how people have come running to me to tell me about security vulnerabilities they've heard exist in firefox (because i like to promote it to people, they like to share their experiences) --because somehow they never hear of problems with security with IE, or windows in general. i laugh at them, and try to polietly explain how vulnerabilities are a fact of life, and always will be.

You said it!!!! and I have also stated in past posts. Viruses can only attack files that are available to the virus. A user downloading a program that contains a virus would still have to be able to write to it, IE permission!!! that is the key to Linux and why Windows until recently suffers. A virus can attatch itself to any .exe, .dll or .sys file in windows with-out any permission or knowledge from the user. That is, why I think, windows has so many wholes. A virus can't infect a system that it cannot write too!!! Windows FINALLY got the massage when they added Admin and user accounts on 2k and XP. sheesh....

Just a thought.

KC

TruckStuff 04-19-2005 08:34 AM

Mozilla really needs to hire the guy that keeps finding these holes. He's been ripping through every release of Firefox for the last 6-8 weeks.

reddazz 04-19-2005 09:25 AM

I don't think its the same guy who found all the vulnerabilities.

Old_Fogie 04-09-2006 04:00 AM

I just swithched over to linux becuase I loved the open source browser. I could not believe the way new ideas, implementations such as extensions! existed in open-source.


All times are GMT -5. The time now is 03:28 AM.