Mozilla and Opera security flaw
Steve-O 2004




Posts: 2851

Posted: Fri, 11th Feb 2005 11:12    Post subject: Mozilla and Opera security flaw
Just read this on another Forum -

Quote:
Submitted by Forcefire on torrentspy.com

A newly discovered security flaw in popular browsers including Firefox and Opera could be exploited by hackers to carry out phishing scams, security experts have warned.
Security services company Secunia issued an advisory detailing the issue, which allows for spoofing of web addresses. The flaw could be exploited by a malicious website to spoof the URL displayed in the address bar, SSL certificate and status bar.
The problem is due to an unintended result of the International Domain Name implementation, which allows the use of international characters in domain names, the company said.
This can be exploited by registering domain names with certain international characters that resemble other commonly used characters, causing the user to believe that they are on a trusted site.
Secunia stressed that users should not follow links from untrusted sources, and should manually type the URL in the address bar. The flaw has been confirmed in the following browsers:

* Mozilla 1.7.5
* Firefox 1.0
* Opera 7.54u1 and 7.54u2
* Konqueror 3.2.2
* Netscape 7.2
* Safari 1.2.4 (v125.1).

Secunia warned that other versions may also be affected. The company has constructed a test to check whether your browser is affected by this issue, which is available at http://secunia.com/multiple_browsers_idn_spoofing_test/


In order to fix this you need to search for compreg.dat. Open it with Notepad or similar. In Notepad hit CTRL+F. Type IDN in the search box and hit find. Add a # symbol in front of each line you find containing IDN (Hit Find again until there are no more).

Example:

# {4byteshex-2byteshex-2byteshex-2byteshex-6byteshex},@mozilla.org/network/idn-service;1,,nsIDNService,rel:libnecko.so

Sources:
http://forums.mozillazine.org/viewt...2de6d34606db3f3
http://www.torrentspy.com/




gonna fix mine now...


btw mods, I posted this in "General" and not "Apps" as Nearly Everyone looks in General :)


---EDIT---

did everyone else only have 2 lines containing IDN ???


George W Bush -

'...more and more of our imports are coming from overseas.'
razor1394
VIP Member



Posts: 3571
Location: Sweden
Posted: Fri, 11th Feb 2005 11:25    Post subject:
Quote:
As nearly everyone looks in general.


It doesn't matter. It's the wrong section. That's it.

onT The flaw is not related to Mozilla only. It also affects Opera, Netscape and some more.

* MOVING *


Last edited by razor1394 on Sat, 12th Feb 2005 09:41; edited 2 times in total
Steve-O 2004




Posts: 2851

Posted: Fri, 11th Feb 2005 11:35    Post subject:
ok, the Fix works :D


dad2




Posts: 2

Posted: Fri, 11th Feb 2005 16:49    Post subject:
A simpler way of fixing this is as follows :-


1. Install the Adblock Firefox extension.

2. Look at the Adblock 'Preferences' and go to 'Adblock Options'

3. Tick 'Site Blocking'

4. Add the following filter :-
/[^\x20-\xFF]/

This will block any URL that uses characters outside the normal ASCII range. Don't miss step 3! I did the first time and the tip didn't work.

Once you have it in place, go to the test site and the links simply don't go anywhere.
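
Added example, not part of any post in this thread: the filter from the post above run as a JavaScript regular expression over constructed URLs, alongside the ASCII-compatible (`xn--`) form of each. It assumes the blocker matches the URL string exactly as it receives it; the `example.com` hosts and the stricter `ASCII_ONLY` pattern are assumptions, not from the thread.

```javascript
// Added example: the Adblock filter from the post above, run over constructed URLs.
const THREAD_FILTER = /[^\x20-\xFF]/; // verbatim from the thread
const ASCII_ONLY = /[^\x20-\x7E]/;    // assumption: stricter variant, not from the thread

// Return the first character a filter objects to, or null if the URL passes.
function firstOffender(url, filter) {
  const m = filter.exec(url);
  if (!m) return null;
  const hex = m[0].charCodeAt(0).toString(16).toUpperCase().padStart(4, '0');
  return { index: m.index, codePoint: 'U+' + hex };
}

// ASCII-compatible (punycode) form of the same URL, as the WHATWG URL parser emits it.
function toAsciiForm(url) {
  return new URL(url).href;
}

// Constructed samples; example.com is a placeholder host.
const SAMPLES = {
  plain: 'http://www.example.com/login',
  digits: 'http://www2.towerhobbies.com/cgi-bin/wti0001p?&I=LXJAY0&P=ML', // URL quoted in the thread
  cyrillic: 'http://www.ex\u0430mple.com/login', // U+0430 where Latin "a" is expected
  latin1: 'http://www.ex\u00E0mple.com/login',   // U+00E0, inside \x20-\xFF
  tab: 'http://www.example.com/a\tb',            // control character below \x20
};

// For each sample: what each filter flags, and what the thread's filter
// flags once the URL is in its ASCII-compatible form.
function report() {
  const rows = {};
  for (const [name, url] of Object.entries(SAMPLES)) {
    rows[name] = {
      thread: firstOffender(url, THREAD_FILTER),
      asciiOnly: firstOffender(url, ASCII_ONLY),
      threadOnAsciiForm: firstOffender(toAsciiForm(url), THREAD_FILTER),
    };
  }
  return rows;
}

const show = (r) => (r ? r.codePoint : 'pass');
console.table(Object.entries(report()).map(([name, r]) => ({
  name, thread: show(r.thread), asciiOnly: show(r.asciiOnly),
  threadOnAsciiForm: show(r.threadOnAsciiForm),
})));
```

A URL that reaches the blocker already converted to its `xn--` form contains only ASCII, so neither pattern flags it; a check for the `xn--` prefix in the host covers that case.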
Steve-O 2004




Posts: 2851

Posted: Fri, 11th Feb 2005 20:30    Post subject:
^^^^ Yes, but then Genuine sites with numbers in don't work....


[mrt]
[Admin] Code Monkey



Posts: 1342

Posted: Sat, 12th Feb 2005 01:41    Post subject:
hehe, "numbers" range, if memory still serves, from 0x30 and up to 0x39 which is well in the ASCII range so that's not true Steve.


teey
Steve-O 2004




Posts: 2851

Posted: Sat, 12th Feb 2005 11:11    Post subject:
well when I tried to visit this site http://www2.towerhobbies.com/cgi-bin/wti0001p?&I=LXJAY0&P=ML

when using that fix it did not allow me on, I had to uninstall Adblock to get onto that site


dad2




Posts: 2

Posted: Sat, 12th Feb 2005 15:46    Post subject:
i got onto the site no problems, and for adblock why would u uninstall it? there is a disable u can check under tools, adblock preferences: just uncheck enable adblock
madthumbs




Posts: 65

Posted: Sat, 12th Feb 2005 16:14    Post subject:
I just did it in adblock, and got access to the site.
Steve-O 2004




Posts: 2851

Posted: Sun, 13th Feb 2005 10:30    Post subject:
strange, when I do it it blocks access to that site :'(


razor1394
VIP Member



Posts: 3571
Location: Sweden
Posted: Sun, 13th Feb 2005 10:42    Post subject:
I'm not gonna close this thread but I just wanted to advise that we have a special thread for discussions of spyware, viruses, flaws and worms etc. It's in the operating system forum.
All times are GMT + 1 Hour
NFOHump.com Forum Index - Applications