
Security Bytes: Exploit code targets older versions of Firefox

By SearchSecurity.com Staff
14 Dec 2005 | SearchSecurity.com

Security Wire Daily News

Exploit code targets older versions of Firefox
An Israeli developer says Firefox users who have not upgraded since version 1.0.4 should do so immediately. The developer, Aviv Raff, wrote in his blog over the weekend that attackers could cause a denial of service by exploiting an older flaw in how Firefox processes JavaScript. The security hole was fixed in Firefox 1.0.5 and Mozilla Suite 1.7.9 in July. To prove his point, Raff published exploit code.

"By creating a huge Web page title and filling the history.dat file with large content," he said, "Firefox will hang for some time depending [on] the content size and the user's system." He noted that the Mozilla Foundation published an advisory saying the issue isn't very serious because the browser's unresponsiveness is brief and only occurs at startup. "This is true for the proof-of-concept (PoC) exploit, and for people with strong computers," he said. "But by modifying the PoC, an attacker can easily achieve a humongous history.dat file, which will cause Firefox to hang (with 100% CPU utilization) for a LONG, LONG time." He said the right workaround would be to delete the history.dat file. "Moreover," he said, "Mozilla Foundation should acknowledge this problem as more severe, and address it as soon as possible."

Flaw found in Opera browser
Danish vulnerability clearinghouse Secunia warned in an advisory Tuesday that attackers could exploit a flaw in the Opera Web browser to trick users into downloading malicious programs.

"A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the 'File Download' dialog box can be exploited to trick the user into clicking on the 'Run' button of the dialog box," Secunia said. "This is exploited by first causing a 'File Download' dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the 'Open' button in the hidden 'File Download' dialog box."

Secunia confirmed the vulnerability in version 8.01 and recommended users upgrade to version 8.02 or later.

Cyber alliance to feds: Step up on security
The federal government needs to show more leadership on cybersecurity next year, according to the Cyber Security Industry Alliance (CSIA). The Arlington, Va.-based advocacy group called on the government to "assert greater leadership in the protection of our information infrastructure in 2006" in a statement unveiling its "National Agenda for Information Security" for the coming year. The alliance's agenda identifies various actions required to improve information security, and includes a new "Digital Confidence Index" reflecting the public's lack of confidence in the nation's critical infrastructure.

"Over the past year, the government has taken limited steps to improve the state of information security in our country, such as increased congressional leadership on issues of spyware and identity theft, and the creation of a new assistant secretary for cybersecurity and telecommunications position within the Department of Homeland Security," Paul Kurtz, executive director of CSIA, said in a statement. "However, this is simply not enough. Currently, there is little strategic direction or leadership from the executive branch in the area of information security. Ensuring the resiliency and integrity of our information infrastructure and protecting the privacy of our citizens should be higher on the priority list for our government."

CSIA graded federal agencies on how well they followed through on its recommendations from last year. Overall, the Bush Administration and Congress got a D or below on seven of last year's 12 recommendations and earned a C on four others.
