Two security holes in Firefox
SecuriTeam has reported two new vulnerabilities in the Mozilla Firefox browser.
1. Firefox Popup Blocker Allows Reading Arbitrary Local Files (vulnerable systems: Firefox version 1.5.0.9)
For security reasons, Firefox does not allow Internet-originating websites to access the file:// namespace. However, when the user chooses to manually allow a blocked popup, normal URL permission checks are bypassed. The attacker may fool the browser into parsing a chosen HTML document stored on the local filesystem, and because the Firefox security manager treats all file:/// URLs as having “same origin”, such a document could read other local files at its discretion using XMLHttpRequest and relay that information to a remote server.
2. Firefox Phishing Protection Bypass Vulnerability (Multiple /) (vulnerable systems: Firefox 2.0.0.1)
It is possible to bypass Phishing Protection by adding some characters to the URL. The URL is still valid and works properly, but no phishing warning is displayed.
When a “/” character is added at the end of the domain in the URL field, Phishing Protection treats it as a different site from the original, and the Phishing Protection test fails. Example, when this URL is on the phishing list:
http://kaneda.bohater.net/phish.html – warning will be displayed
http://kaneda.bohater.net//phish.html – warning will NOT be displayed
Of course, more “/” characters can be added.
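The mismatch described above comes from comparing the raw URL string against the list. The following is an added example, not Firefox's or SecuriTeam's code: it canonicalizes a URL before the blocklist lookup, assuming (as in the advisory's example) that the server treats repeated slashes in the path as one. The function names and the extra test URLs are constructed for illustration.

```javascript
// Blocklist as published: the one URL from the advisory's example.
const RAW_BLOCKLIST = ["http://kaneda.bohater.net/phish.html"];

// Map equivalent spellings of one resource to a single lookup key.
function canonicalize(rawUrl) {
  const u = new URL(rawUrl);   // lowercases scheme and host, resolves "." and ".."
  u.hash = "";                 // the fragment is never sent to the server
  // Assumption: the server serves "//x" and "/x" as the same resource.
  u.pathname = u.pathname.replace(/\/{2,}/g, "/");
  return u.href;
}

// Store canonical keys so list entries and lookups use the same form.
const BLOCKLIST = new Set(RAW_BLOCKLIST.map(canonicalize));

// Naive check: exact string match, which the extra "/" defeats.
function naiveIsBlocked(rawUrl) {
  return RAW_BLOCKLIST.includes(rawUrl);
}

// Hardened check: canonicalize first, then look up.
function isBlocked(rawUrl) {
  let key;
  try {
    key = canonicalize(rawUrl);
  } catch {
    return false;              // not a parseable absolute URL
  }
  return BLOCKLIST.has(key);
}

// Constructed sample inputs: the listed URL and slash-padded variants.
const samples = [
  "http://kaneda.bohater.net/phish.html",
  "http://kaneda.bohater.net//phish.html",
  "http://KANEDA.bohater.net////phish.html#top",
  "http://kaneda.bohater.net/other.html",
];
for (const s of samples) {
  console.log(s, "naive:", naiveIsBlocked(s), "canonical:", isBlocked(s));
}
```

The same canonicalization has to be applied to list entries and to the URLs being checked, otherwise the two sides can still disagree.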


