Posted on 12/08/2005 4:06:06 PM PST by zeugma
Exploit code for the latest version of open-source browser Firefox was published Wednesday, potentially putting users at risk of a denial-of-service attack.
The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted over a year ago, has moved swiftly to capture 8 percent of the browser market.
The latest Firefox flaw exists in the history.dat file, which stores information from Web sites users have visited with the Firefox 1.5 browser, according to a posting on the Internet Storm Center, which monitors online threats.
"If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page," according to the Internet Storm Center posting. "Once this happens, Firefox will be unable to be started until you erase the history.dat file manually."
In testing Firefox 1.5 without a system running McAfee security software, the Firefox 1.5 browser would stall and not respond to a user's mouse, said Johannes Ullrich, chief research officer for the Sans Institute, which runs the Internet Storm Center.
"Users have to kill out of the browser and start over again. This stalled browser creates a DOS (denial of service) condition," Ullrich said.
Packet Storm, the security group that initially published the proof-of-concept exploit code, noted that in addition to the potential denial-of-service attack that could follow a buffer overflow, systems may also be subject to a malicious execution of code.
Ullrich, however, said while the potential may exist, it has not been proven either way that malicious code could be executed.
Mozilla Foundation, which released Firefox, said it was not able to confirm the browser would crash or be at risk of a DOS attack, after visiting certain Web sites. And Mozilla has not received any reports from users of such a problem, said Mike Schroepfer, vice president of engineering for Mozilla Corp.
He added that Firefox 1.5 can be slugglish on its next start-up, due to a bug in the history.dat, but it is not a security problem.
"We have gotten no independent verification that it crashes (Firefox), but there have been a lot of attempts to try," Schroepfer said.
Isn't that a mostly leftist site? Has always seemed like it to me.
This is not possible. Firefox and Linux are bullet proof and only Microsoft makes crappy software.
Move along...
bump for later
Due to the extremely large number of inaccurate and idiotic posts you've presented to this point, and your tendancy to encompass the very definition of the word "troll" on this forum, you are no longer relevant. Thanks and have a nice day.
Well when you start throwing terms like "knoppix" around on a political site, better be prepared to explain what it is.
I included a link.
Due to the extremely large number of inaccurate and idiotic posts you've presented to this point, and your tendancy to encompass the very definition of the word "troll" on this forum, you are no longer relevant. Thanks and have a nice day
Looks like just another flavor of U.N.ix, what's supposedly so great about it?
I have been using FireFox on my Mac for at least 7 months...
My version says 1.0.7. What is 1.5?
That's a common claim, but doesn't really hold water. I wrote the following some time back...
Why bother writing a virus for 3% of the US computer market?
Oh, I don't know. Perhaps as someone else already said on this thread, it might be done for the bragging rights of having created the first successful virus/worm to attack Macs.
I've seen this charge that the small market share that Mac and Linux have is what keeps them safe. It is repeated often enough and seems reasonable enough until you actually look at the history of some other worms/viruses.
Consider: the spread of the Witty Worm.
Quoth the poster:
Witty infected only about a tenth as many hosts than the next smallest widespread Internet worm. Where SQL Slammer infected between 75,000 and 100,000 computers, the vulnerable population of the Witty worm was only about 12,000 computers. Although researchers have long predicted that a fast-probing worm could infect a small population very quickly, Witty is the first worm to demonstrate this capability. While Witty took 30 minutes longer than SQL Slammer to infect its vulnerable population, both worms spread far faster than human intervention could stop them. In the past, users of software that is not ubiquitously deployed have considered themselves relatively safe from most network-based pathogens. Witty demonstrates that a remotely accessible bug in any minimally popular piece of software can be successfully exploited by an automated attack.
I suspect there are more than 12,000 Linux and/or Mac hosts out there on the internet.
Also, consider that the folks who were hit with this were also among the more security-concious users:
The vulnerable host population pool for the Witty worm was quite different from that of previous virulent worms. Previous worms have lagged several weeks behind publication of details about the remote-exploit bug, and large portions of the victim populations appeared to not know what software was running on their machines, let alone take steps to make sure that software was up to date with security patches. In contrast, the Witty worm infected a population of hosts that were proactive about security -- they were running firewall software. The Witty worm also started to spread the day after information about the exploit and the software upgrades to fix the bug were available.
Show me a successful worm/virus against Macs and I'll listen. Until then, your talking point is FUD.
1.5 is the latest version. It was released a few days ago. This thread has some useful information in it before it was trolled into oblivion.
You can download a portable version of Firefox and Thunderbird (e-mail) at http://johnhaller.com/jh/mozilla/
I have used both programs from a USB drive and they work well. You *should* be able to copy your existing profile into the portable version (I am not sure if all extensions and themes are compatible). I have an extension for Thunderbird that minimizes it to the system tray that will not work on portable Thunderbird, it needs a particular .dll on {win dir}/system but besides that I have had no problem.
Count me in.
Bragging rights? For destroying someone's computer? Isn't that against the law? Don't people go to jail for that in the U.S.? If they don't, they should.
Due to the extremely large number of inaccurate and idiotic posts you've presented to this point, and your tendancy to encompass the very definition of the word "troll" on this forum, you are no longer relevant. Thanks and have a nice day.
Are you completely incapable of taking a hint?
If you're going to literally call me "idiotic" you better come up with some proof. Right now all we know is you're continually proved wrong on basically every point you try to make, and constantly push this foreign freeware like this 'knoppix' on us. Why can't you answer the question, if it's so simple? You'd have to make a whole new bootable cd of knoppix every time there was a firefox patch like this, right? Is that a desirable situation, to you?
Thanks a great bunch!
Ray
Seconded! Great link for windows folks. Thanks.
Dass war sehr komisch. Wann Ich habe nach dem site gegeht, alles war auf Deutsch und koennte nichts gelesen.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.