Posted on 09/09/2005 9:43:47 AM PDT by Bush2000
Unpatched Firefox flaw may expose users
By Joris Evers, CNET News.com
Published on ZDNet News: September 9, 2005, 3:53 AM PT
A new, unpatched flaw in that affects all versions of Firefox could let attackers surreptitiously run malicious code on users' PCs, a security researcher has warned.
The problem lies in the way Firefox handles Web links that are overly long and contain dashes, security researcher Tom Ferris said in an interview via instant messaging late Thursday.
He posted an advisory and a proof of concept to the Full Disclosure security mailing list and to his Security Protocols Web site.
The security vulnerability is a buffer overflow flaw that "allows for an attacker to remotely execute arbitrary code" on a vulnerable PC, Ferris said. An attacker could host a Web site containing the malicious code to exploit the flaw, he said. Though his proof of concept only crashes Firefox, Ferris claims he has been able to tweak it to run code.
Buffer overflows are a commonly exploited security problem. They occur when a program allows data to be written beyond the allocated end of a buffer in memory. A computer can be made to execute potentially malicious code by feeding in extra data that is designed to flood the buffer.
Ferris reported the bug to the Mozilla Foundation on Sunday, intending to go through the organization's bug-reporting process, he said. However, in an example of the uneasy alliance between security researchers and software makers, he decided to publicly disclose the flaw after a run-in with Mozilla staff, he said.
Mozilla, which coordinates development of Firefox and distributes the software, could not immediately comment on the flaw disclosure. However, a source close to the organization confirmed that Ferris had filed several bug reports, including this specific one.
Since the debut of Firefox 1.0 in November, usage of the open-source browser has grown. Security has been a main selling point for Firefox over Microsoft's Internet Explorer, which has begun to see its market share dip slightly--for the first time in years.
However, Firefox has had its own security woes. Several serious holes in the browser have been plugged since its official release, and experts have said that safe Web browsers don't exist.
The public bug disclosure comes just as Mozilla released the first beta of Firefox 1.5. The final release of the next Firefox update, which includes security enhancements, is due by year's end, according to the Firefox road map.
Ferris has found bugs in Microsoft software before, including a yet-unpatched flaw in Internet Explorer that Microsoft still has under investigation.
Earlier this month Microsoft credited Ferris with reporting a bug in a Windows feature called Remote Desktop Protocol that could allow an attacker to remotely restart Windows systems.
adam: in birdworld, ms giving software to the (not really communist) chicomms is actually termed a "potential sale." Didn't you get the memo?
Actually, his "facts" and "studies" have holes that you can drive a truck through. This has been pointed out to him repeatedly, but then in the next thread, he brings back the same set of dubious links.
The root problem, IMO, is that some people still subscribe to the "What's good for GM is good for America" philosophy that was rampant in the 50s and 60s, and which led ultimately to the decline of the auto industry in the 70s and 80s. Monopolies kill innnovation where they have power, so invariably innovation happens elsewhere.
The truth of the matter is that Open Source has saved Microsoft on more than one occasion, notably the advent of the Internet in the early 90s. And you can still grep through the Windows XP dlls and exes and find BSD copyright notices today as a consequence. Without that, we'd be using the ISO OSI protocol stack, with an OS probably written in France. Scary.
Like the hole in firefox may be a better analogy.
The truth of the matter is that Open Source has saved Microsoft on more than one occasion, notably the advent of the Internet in the early 90s.
That is far from the truth. My understanding was Microsoft just about missed the boat for the Internet. If they weren't nearly a monopoly at the time they would have missed the boat. They had to turn on a dime and get IE out the door to try and get back out in front. The Internet nearly cost Microsoft its dominance. Many people have marveled at how they turned on a dime and got back in the lead, but they were definitely behind the 8-ball and had to do what no other large company could do to get back in front.
This lady I know has a community web site, there are only 14 registured posters on there so she's no finincal threat to anyone.
The question I have is, when you post a comment on her site, the timestamp is wrong. Let's say you posted at 1:00 p.m. the timestamp shows you posting at 4:30 a.m. I fixed my timestamp by going into my profile page and setting the clock - 5 hours GMT.
How does she fix it where it automatically sets everybodies posting time correctly?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.