Firefox Remote Exploit


dduardo
Sep9-05, 04:48 PM
Firefox URL Domain Name Buffer Overflow

Rating: Highly Critical

http://secunia.com/advisories/16764/

See if you're vulnerable by clicking the following link (Note: Firefox might crash):

http://www.security-protocols.com/firefox-death.html

Depending on your Firefox setup this may or may not affect you. This did not affect me (Gentoo Linux, FF 1.06 compiled with fstack-protector-all).

Solution:

1) In the url bar go to about:config
2) Click on network.enableIDN to set to false

[edit] Mozilla has been planning to disable IDN for some time now since it is a broken standard. The patch Mozilla will be releasing shortly will disable IDN for good. You can actually go to Mozilla's Bugzilla and download the xpi patch.

https://bugzilla.mozilla.org/attachment.cgi?id=195467

cronxeh
Sep9-05, 08:10 PM
It's kinda weird it tries to download a file from NOAA's website

and the line in that file says

Matt Foster - SHV 1.2e

dduardo
Sep9-05, 08:17 PM
What are you talking about? The patch? The patch comes straight from bugzilla.mozilla.org.

Monique
Sep9-05, 08:48 PM
Solution:

1) In the url bar go to about:config
2) Click on network.enableIDN to set to false

And how do I set it to false?

hypnagogue
Sep9-05, 08:49 PM
And how do I set it to false?

Does that mean you're using Firefox now? :surprised

Just double click it and it should be set to false.

FredGarvin
Sep9-05, 11:01 PM
Thanks for the heads up Dduardo. I had to change it.

Monique
Sep10-05, 05:33 AM
Does that mean you're using Firefox now? :surprised

*Shhhhhhhht!*


Actually, I found a skin that solved some critical problems I had.

Just double click it and it should be set to false.

Right, next time I should just go to sleep at 3 am.

gerben
Sep10-05, 05:53 AM
See if you're vulnerable by clicking the following link (Note: Firefox might crash):

http://www.security-protocols.com/firefox-death.html


I use Firefox 1.0.6 on winXPsp2 and network.enableIDN is set to true, but the link does not crash Firefox; it just gives me an empty page.

dduardo
Sep10-05, 08:36 AM
I said not everyone was affected. It depends on a lot of factors.

[Update] Here is the official patch:

http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.6/patches/307259.xpi

If you've already disabled IDN you don't need the above patch.
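
Added example, not part of the original thread: a Python check that reports whether the network.enableIDN workaround described above is in effect for each Firefox profile under a directory. It assumes preferences are stored as user_pref(...) lines in prefs.js, that an optional user.js in the same profile overrides them, and that an unset preference means IDN is enabled; the function names and sample contents are constructed for illustration.

```python
import re
import sys
from pathlib import Path

# Matches lines such as: user_pref("network.enableIDN", false);
# Anchored at line start so "// user_pref(...)" comment lines are ignored.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"network\.enableIDN"\s*,\s*(true|false)\s*\)\s*;',
    re.MULTILINE,
)

def idn_setting(text):
    """Return the last network.enableIDN value set in a prefs file, or None."""
    values = PREF_RE.findall(text)
    return (values[-1] == "true") if values else None

def effective_idn(prefs_js="", user_js=""):
    """Assumption: user.js wins over prefs.js; unset means enabled."""
    for text in (user_js, prefs_js):
        value = idn_setting(text)
        if value is not None:
            return value
    return True

def audit_profiles(root):
    """Map each profile directory under root to True if IDN is still enabled."""
    results = {}
    for prefs in Path(root).rglob("prefs.js"):
        user = prefs.with_name("user.js")
        results[str(prefs.parent)] = effective_idn(
            prefs.read_text(errors="replace"),
            user.read_text(errors="replace") if user.exists() else "",
        )
    return results

# Constructed sample prefs.js contents (not taken from a real profile).
SAMPLE_MITIGATED = (
    'user_pref("browser.startup.homepage", "about:blank");\n'
    'user_pref("network.enableIDN", false);\n'
)
SAMPLE_DEFAULT = 'user_pref("browser.startup.homepage", "about:blank");\n'

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for profile, enabled in sorted(audit_profiles(root).items()):
        print(("IDN ENABLED   " if enabled else "IDN disabled  ") + profile)
```

Run it with the directory that holds the Firefox profiles as its only argument; profiles reported as "IDN ENABLED" still need the workaround or the patch.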