Posted on 12/08/2005 4:06:06 PM PST by zeugma
Exploit code for the latest version of open-source browser Firefox was published Wednesday, potentially putting users at risk of a denial-of-service attack.
The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2. Firefox, which initially debuted over a year ago, has moved swiftly to capture 8 percent of the browser market.
The latest Firefox flaw exists in the history.dat file, which stores information from Web sites users have visited with the Firefox 1.5 browser, according to a posting on the Internet Storm Center, which monitors online threats.
"If the topic of a page is crafted to be long enough, it will crash the browser each time it is started after going to such a page," according to the Internet Storm Center posting. "Once this happens, Firefox will be unable to be started until you erase the history.dat file manually."
In testing Firefox 1.5 without a system running McAfee security software, the Firefox 1.5 browser would stall and not respond to a user's mouse, said Johannes Ullrich, chief research officer for the Sans Institute, which runs the Internet Storm Center.
"Users have to kill out of the browser and start over again. This stalled browser creates a DOS (denial of service) condition," Ullrich said.
Packet Storm, the security group that initially published the proof-of-concept exploit code, noted that in addition to the potential denial-of-service attack that could follow a buffer overflow, systems may also be subject to a malicious execution of code.
Ullrich, however, said while the potential may exist, it has not been proven either way that malicious code could be executed.
Mozilla Foundation, which released Firefox, said it was not able to confirm the browser would crash or be at risk of a DOS attack, after visiting certain Web sites. And Mozilla has not received any reports from users of such a problem, said Mike Schroepfer, vice president of engineering for Mozilla Corp.
He added that Firefox 1.5 can be sluggish on its next start-up, due to a bug in the history.dat, but it is not a security problem.
"We have gotten no independent verification that it crashes (Firefox), but there have been a lot of attempts to try," Schroepfer said.
That's all? Big freakin deal.
And who said it would? Who even said only a virus could attack you?
I've got a mini-CD with a Linux distro on it that I can use in any computer when I want to surf the web or FReep. Nothing is mounted writeable, and the machine performs the exact function I want.
So what, you'd still be susceptible to direct attack of any unpatched vulnerability that could corrupt or interfere with your session. You're simply relying on the unlikeliness of FR being compromised or your IP being directly attacked.
I just put a freeper folder on the desktop. When I want to follow a thread, I just drag the bookmark off the url address display and drop it in the folder. I don't like any old stuff hanging in Firefox, or any browser's memory. Firefox makes it convenient because you can set the params to delete on exit.
"Because there's a huge difference in selling something to someone versus giving it to them for free,"
That's exactly right. The person who gets it for free is guaranteed to have NONE of his hard earned money going to the ChiComs, while the guy who pays for software is effectively FUNDING technology and tech jobs transfers!
Of the two of us, YOU are the one whose money is ending up in the hands of "The Commies". Not me, Sparky.
"The point obvious to anyone who actually understands these issues is you can't apply security patches to a finalized CD."
No! Really? You're kidding. Quit joshin'. Seriously?
Right. You can't apply security patches to a finalized CD. Just like you can't apply viruses to a finalized CD. There ya go. Thanks again for proving my point.
"No such thing as a "RAM virus""
BWAHAHAHAHAHAHAHAHAHAHA! Glad you're not my tech guy!
You know, it only takes two seconds to type "ram virus" into Google, Buzzy. Maybe that's too much like command line work to you.
"As far as whether exploits of any kind could survive reboots, yes, they could, if you had any writeable devices available."
Knoppix boots with writeable drives turned off by default. Even after mounting them, you have to take the extra step of changing them to read-write mode, because without it all you can do is view the files on your drive, not change them.
Long story short, you're talking out your wazoo again.
"So what, you'd still be susceptible to direct attack of any unpatched vulnerability that could corrupt or interfere with your session."
Oh, no! You mean a WHOLE SESSION? Egads, man! That means I'd have to REBOOT! The horror!
Yeah right, everybody but you is to blame for China's growing tech strength, never mind you want to give them software and patent licenses for free. You flamed out long ago, flamer.
Whatever data you had could be lost or stolen, but I guess that's nothing out of the ordinary with software like yours anyway.
Weak. Of course, you're always willing to gloss over issues when they present you with a moral quandary. But, I'd still like you to try to explain yourself.
How am I to blame, when I don't give my money to software companies that invest in China, and you do?
Face it. Of the two of us, I'm the only one whose dollars don't end up directly in Red China when I get a new OS.
I'd like to hear an explanation of how this makes me part of the problem. Should be good for a laugh.
Golden Eagle: Official Sponsor of the ChiCom Technology Revolution!
I agree. Initial reports of this problem were greatly exaggerated. It doesn't actually lock up your computer or browser, or cause it to crash. It just causes it to appear to take a long time to respond because it's processing a multi-megabyte tag.
"Whatever data you had could be lost or stolen, but I guess that's nothing out of the ordinary with software like yours anyway."
There's not an OS out there where data couldn't be lost or stolen. If it happens, I'd rather be on a read-only filesystem. Reboot, good as new.
But, if it continues to be a problem, I can download a new patched .iso, then toss the old disk. No problem whatsoever, except for you, the guy who doesn't even use it.
That's because you'd rather fund the ChiComs with your software dollars.
Citizen's Arrest! Citizens Arrest!
You've obviously had one flame too many. I'm the one that doesn't believe in tech transfers to communist states remember, while you go around claiming the Chinese don't get your software for free when they do. But let's don't get hung up on just the Chinese, everyone including Cuba, Iran and N Korea have standardized on your free software too don't forget.
That's nothing, IE will crash when you look at it. Something about photons bouncing off your eyeballs...
..it's still more secure than IE...
I use 1.5 with my DSL and run CCleaner and Spybot after every web session.
"I'm the one that doesn't believe in tech transfers to communist states remember..."
Then why do you fund them? I don't.
"while you go around claiming the Chinese don't get your software for free when they do."
I don't give them anything. Especially my money. Can you say the same? Put up or shut up.
"But let's don't get hung up on just the Chinese, everyone including Cuba, Iran and N Korea have standardized on your free software too don't forget."
How could we forget? That's 90% of what you wail about daily here. In fact, you're like a CD player stuck on repeat.
P.S...I never gave them anything, especially my money.
Don't try to weasel out now that you've finally realized how bad you've been smoked mr flamer. You're the one running around trying to cover up the fact that China and other potentially adversarial states are getting free software from the US. Don't deny that you haven't, you've clung to some little faq sheet like it was your long lost blanket when it attempts to claim China and others do not get said software for free. Any attempts by you NOW at blaming those that buy US products as well as call for stricter intellectual property laws is misguided and/or hypocritical. Now go back to reading the GNU Manifesto over on your buddy Stallman's site so you'll at least know what it is you've been blindly supporting.
Presenting: The Best of Golden Eagle!
With such hits as:
Charge of the Light Brigade Literally Hundreds of RedHat Kernel Developers
Yes, We Have No Bananas RAM Viruses
You Don't Know How I Feel Support The ChiComs with Your Money When You Download an OS For Free, but You're Still More Evil Than Me When I Give Them Hundreds Of Dollars
Have you Ever Had to Make Up Your Mind Work From a Command Line?
Karma Chameleon Commie K-Meleon
I Left Lost My Heart Data In San Francisco A Knoppix Security Breach
All of these songs, recorded over and over many times on a TWO CD SET!
Copyright 2005 Patent No. 5877882853234
This CD is copy protected. Any attempt to duplicate, redistribute, copy, listen to, look at, or think about it will result in criminal prosecution. Not for sale to Asians.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.