Posted on 09/09/2005 9:43:47 AM PDT by Bush2000
Unpatched Firefox flaw may expose users
By Joris Evers, CNET News.com
Published on ZDNet News: September 9, 2005, 3:53 AM PT
A new, unpatched flaw in that affects all versions of Firefox could let attackers surreptitiously run malicious code on users' PCs, a security researcher has warned.
The problem lies in the way Firefox handles Web links that are overly long and contain dashes, security researcher Tom Ferris said in an interview via instant messaging late Thursday.
He posted an advisory and a proof of concept to the Full Disclosure security mailing list and to his Security Protocols Web site.
The security vulnerability is a buffer overflow flaw that "allows for an attacker to remotely execute arbitrary code" on a vulnerable PC, Ferris said. An attacker could host a Web site containing the malicious code to exploit the flaw, he said. Though his proof of concept only crashes Firefox, Ferris claims he has been able to tweak it to run code.
Buffer overflows are a commonly exploited security problem. They occur when a program allows data to be written beyond the allocated end of a buffer in memory. A computer can be made to execute potentially malicious code by feeding in extra data that is designed to flood the buffer.
Ferris reported the bug to the Mozilla Foundation on Sunday, intending to go through the organization's bug-reporting process, he said. However, in an example of the uneasy alliance between security researchers and software makers, he decided to publicly disclose the flaw after a run-in with Mozilla staff, he said.
Mozilla, which coordinates development of Firefox and distributes the software, could not immediately comment on the flaw disclosure. However, a source close to the organization confirmed that Ferris had filed several bug reports, including this specific one.
Since the debut of Firefox 1.0 in November, usage of the open-source browser has grown. Security has been a main selling point for Firefox over Microsoft's Internet Explorer, which has begun to see its market share dip slightly--for the first time in years.
However, Firefox has had its own security woes. Several serious holes in the browser have been plugged since its official release, and experts have said that safe Web browsers don't exist.
The public bug disclosure comes just as Mozilla released the first beta of Firefox 1.5. The final release of the next Firefox update, which includes security enhancements, is due by year's end, according to the Firefox road map.
Ferris has found bugs in Microsoft software before, including a yet-unpatched flaw in Internet Explorer that Microsoft still has under investigation.
Earlier this month Microsoft credited Ferris with reporting a bug in a Windows feature called Remote Desktop Protocol that could allow an attacker to remotely restart Windows systems.
No Im one of those that believes while all systems are vulnerable, they are not euqally so. I guess someone wrote a virus for a phone that had a market share of 20,000 people because they thought it was the size of MS right?
Yes, as you know, I am extremely opposed to hackers open sourcing exploit code onto the internet prior to a vendor-created patch being available. Also as you know, many open source proponents right here on this site condone the practice as being a legitimate security process. Bottom line, users are now exposed to exploit with no patch available. But since it's an open source application to begin with, they're not going to get much sympathy.
Actually you're right, but not for the reason you think. Once again, DHS reported many more holes in Unix/Linux than Windows in this week's summary of security flaws.
http://www.us-cert.gov/cas/bulletins/SB05-250.html
Check the archives if you doubt it.
if i'm on the same side as you golden eagle i must be wrong.(grin)
i'm one of the few in the world that likes both OSs and don't believe all the BS coming from either group good or bad.
if one man made it there will always be some 13 year old punk out there ready to break into it.
Obviously. What we have to watch out for is those that claim their choice of O/S has fewer holes when the actual evidence proves the opposite. They are apparently willing to put us in peril simply to push their choice of software on us.
once again i ask you GE why are you hell bent against linux. people who follow these threads might be about listen to you if you where to explain your motives. the godfather(rush) has a saying, "follow the money" one can only asume your a microsoft higher up to understand your jihad against linux.
care to explain???
This must be all lies! LIES! LIES! I tell you. ONLY Microsoft would do such a thing as piss off a security expert trying to help them fix their product. I'm sure this really isn't a firefox issue and rather it's 100% Microsoft's fault. And besides even if this was a firefox issue, IE is horrible. Oh ya, get a MAC it's *nix and it's secure. Yeah, that's it, we OSS guys gave up on Firefox and now are going with MACs. {/sarcasm}
That's funny because that description fits you to a T.
I guess that comment doesn't apply to this article. Notice it says UNPATCHED. That means a patch doesn't exist yet.
good point about not installing pirated software, but Linux actually has more vulnerabilities than Windows (lately).
Sure. There's known radical leftists behind GNU/open source software, beginning with the "father of free software" Richard Stallman. The GNU group even has its own "Manifesto" and claims its goals are to make all software free, a move that would destroy the US software industry. Communist governments the world over all start getting this free software and like it so much they start passing laws requiring their governments to use it, Cuba, China, Vietnam, etc. Now we have the DNC here in the US committing to it and trying to pass laws here in the US as well.
Check my posting history the last few days, I've given lots of links backing all this up, just like I always have. It's a leftist plot, pure and simple. Sure, it has some practical advantages to those who want their software for free, but that doesn't take away from its leftist origins and goals of its primary supporters.
Pretty soon N3WBI3 and the OSS crowd will switch to touting MACs. Beat them up on Linux they go to MACs, beat them up on MACs they go to Linux. Beat them up on both they call you names.
Guess what else I heard? When Clinton was in the WH they were pushing Linux. Then Bush came in and they signed a big M$ contract. Not saying the WH dropped linux, but it is definitely less of a push today at the WH then it was when Clinton was there.
I'm sure it's fashionable in your crowd to claim those things, but studies have proven them to be bogus, and it's been pointed out to you before. Still don't want to believe it? Try linuxsecurity.com as a reference:
postaldave - I also don't like habitual liars.
That's gotta hurt.
LOL, they should, but watch, even though I blew his claim straight to hell he'll try to deny it, start calling me names, then his buddies will come along start enlarging and bolding their fonts while calling me names, all trying to change the subject and smear my character instead of admitting their claim was BS. No problem, everybody with a brain knows they're losers and have to resort to those tactics when the facts don't back them up, and that's all I care about.
Wow, so I have to apply two patches within 1 day. No thanks.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.