LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 09-21-2005, 12:17 AM   #1
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Exclamation Mozilla Linux Command Line URL Parsing Security Flaw Reported


Quote:
A critical input validation security vulnerability affecting Linux versions of Mozilla Firefox and the Mozilla Application Suite has been reported today. The flaw could allow an attacker to execute arbitrary commands on a victim's system. The bug exists in the Linux shell scripts that Firefox and the Mozilla Application Suite rely on to parse URLs supplied on the command line or by external programs. If the supplied URL contains any Linux commands enclosed in backticks, these will be executed before Firefox or the Mozilla Application Suite tries to open the URL. Variables such as $HOME will also be expanded.
Complete Article


This bug has been classified as Extremely Critical by Secunia:

http://secunia.com/advisories/16869/




BTW, from the mozillaZine article:
Quote:
A solution to this flaw has been developed and will be included in the forthcoming Firefox 1.0.7 and Mozilla 1.7.12 releases.

Last edited by win32sux; 09-21-2005 at 01:11 AM.
 
Old 09-21-2005, 09:07 AM   #2
Capt_Caveman
Senior Member
 
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658

Rep: Reputation: 57
Thanks for the info on this. I'll sticky it for awhile.
 
Old 09-22-2005, 02:27 PM   #3
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Mozilla Firefox 1.0.7, a security and stability update to the flagship Mozilla browser, is now available for download. Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw. There are also other security and stability changes, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.0.x security updates have been resolved.
Complete Article | Release Notes


Quote:
Mozilla 1.7.12, a security and stability update to the Mozilla Application Suite, is now available for download. Fixes are included for the international domain name (IDN) link buffer overflow vulnerability and the Linux command line URL parsing flaw. There are also other security and stability changes, including a fix for a crash experienced when using certain Proxy Auto-Config scripts. In addition, some regressions introduced by previous 1.7.x security updates have been resolved. If this description sounds like our article on Mozilla Firefox 1.0.7, that's because most of the fixes included in the two releases are the same.
Complete Article | Release Notes



Last edited by win32sux; 09-23-2005 at 10:43 PM.
 
Old 09-23-2005, 06:56 AM   #4
rjw1678
Member
 
Registered: Sep 2003
Location: Delaware, USA
Distribution: Ubuntu 12.04 LTS
Posts: 55

Rep: Reputation: 15
I have read on secunia.com that Thunderbird has the same flaw. mozilla.org says that a workaround is "Do not click on links in spam or other mail from people you don't know. " and "Do not use the affected programs as the default handler for URLs. "

Later
Bob W.
 
Old 09-23-2005, 10:40 PM   #5
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
you are correct, rjw1678... personally, i do find it a little odd that a thunderbird 1.0.7 wasn't released parallel to firefox 1.0.7, but i'm sure there's a rational explanation...


Last edited by win32sux; 09-24-2005 at 12:44 AM.
 
Old 09-29-2005, 04:28 AM   #6
floppywhopper
Member
 
Registered: Aug 2004
Location: Albany, Western Australia
Distribution: Mageia 4.1, SME Server 8
Posts: 625
Blog Entries: 2

Rep: Reputation: 55
I take it that you are refering to this

http://www.mozilla.org/security/anno...sa2005-59.html

floppy
 
Old 09-29-2005, 12:24 PM   #7
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally posted by floppywhopper
I take it that you are refering to this

http://www.mozilla.org/security/anno...sa2005-59.html

floppy
yes, notice how they mention firefox, thunderbird, and mozilla as affected products:
Quote:
Products: Firefox, Thunderbird, Mozilla Suite
yet for "fixed in" thunderbird isn't mentioned:
Quote:
Fixed in: Firefox 1.0.7
Mozilla Suite 1.7.12
and of course if you go into secunia.com you will see on the front page the extremely critical advisory for thunderbird, as it's still listed as unpatched at the time of this post:

http://secunia.com/advisories/16901/
 
Old 09-30-2005, 06:47 AM   #8
rjw1678
Member
 
Registered: Sep 2003
Location: Delaware, USA
Distribution: Ubuntu 12.04 LTS
Posts: 55

Rep: Reputation: 15
Thunderbird 1.0.7 is available.

Later
Bob W
 
Old 09-30-2005, 12:51 PM   #9
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Quote:
Originally posted by rjw1678
Thunderbird 1.0.7 is available.
thanks for the good news!!!

here's a link to the release notes for thunderbird 1.0.7:

http://www.mozilla.org/products/thun...ase-notes.html
 
Old 10-06-2005, 06:39 AM   #10
win32sux
Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Original Poster
Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
FYI, a non-critical DoS vulnerability has been found in firefox 1.0.7:

http://secunia.com/advisories/17071/

 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Parsing URL in PHP benrose111488 Programming 6 10-12-2005 12:12 PM
URL-Encoding on the command line? MikeyCarter Linux - Software 2 09-27-2005 08:10 AM
Fetching files via http (url) command line podollb Linux - Software 1 06-08-2004 05:01 PM
Is this a Linux security flaw ? josedsilva Linux - Security 3 05-24-2002 12:03 AM
Flaw weakens Linux security software nikhiljosh Linux - Security 0 03-03-2002 04:20 AM


All times are GMT -5. The time now is 09:07 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration