Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Mozilla The Internet Bug Security

Security Issues in Mozilla 454

paulius_g writes "SecurityFocus has released a security warning with three problems that affect Mozilla on all platforms. The first issue allows the source of a download to be spoofed, generating a fake URL. This security issue is really easy to replicate: Create a long URL and the downloading box will only display its ending (Mozilla and Firefox). The second issue was created by the way that Mozilla's browsers handle news:// links to newsgroups, hackers can easily create false links and create a buffer overflow (Mozilla 1.7.5 and below, Firefox versions before 1.0). The third exploit affects machines with multiple users. The way that Firefox and Thunderbird store files allows every user to see them and to probably catch the other user's surfing habits (Firefox and Thunderbird). Let's hope that these will be fixed soon!"
This discussion has been archived. No new comments can be posted.

Security Issues in Mozilla

Comments Filter:
  • A fix? (Score:5, Informative)

    by Blapto ( 839626 ) on Friday January 07, 2005 @10:58AM (#11287787)
    Resolution
    ==========

    All Mozilla users should upgrade to the latest version:

    Says the site, implying at least a partial fix is available.

    • Re:A fix? (Score:3, Interesting)

      by recursiv ( 324497 )
      Go to http://secunia.com/advisories/13599 [secunia.com] and it says: Solution Status: Unpatched

      Why is everyone saying these are fixed?
      • Re:A fix? (Score:5, Insightful)

        by The Spoonman ( 634311 ) on Friday January 07, 2005 @11:49AM (#11288402) Homepage
        Why is everyone saying these are fixed?

        I'm more curious as to why they aren't fixed YET? We've been hearing for years that Open Source software is better because any problem is fixed within 24-48 hours. Well, it's been almost 51 hours since that issue was released on SecurityFocus, and I'm sure significantly longer since it was first discovered. Firefox is still not telling me there's an update available. What gives?

        For those incapable of grasping the sarcasm, let me spell it out for you: rhetoric gets stale for a reason.
        • Re:A fix? (Score:4, Informative)

          by LnxAddct ( 679316 ) <sgk25@drexel.edu> on Friday January 07, 2005 @01:35PM (#11289663)
          Did you read the security alerts? They only affect Firefox 0.9.3 and earlier. They have been fixed since 1.0 ( not sure if it was intentional or not, but whatever code caused this no longer causes it).
          Regards,
          Steve
          • Re:A fix? (Score:3, Interesting)

            They only affect Firefox 0.9.3 and earlier.

            So? Why is it that when a flaw is found in a MS product that hasn't even been on the market for 4 years everyone jumps up and down and says "SEE! SEE!! They want to keep you on a constant upgrade cycle!!", but when it happens in the open source community, the reaction is "Eh, just upgrade"?
    • The easiest fix for the third one is:

      cd
      chmod 700 .mozilla .thunderbird .firefox

      I am surprised Mozilla software doesn't set profiles non-world readable by default...

      -Z
      • That is not the problem, it is an issue with how files are stored in /tmp, and most likely specificaly how it passes thes files off to a third program. The work around would be to save the file instead of open.

        But the first link shows that they are all fixed with the latest releases so not an issue.
  • Only THREE? (Score:3, Funny)

    by w1r3sp33d ( 593084 ) on Friday January 07, 2005 @10:59AM (#11287796)
    I guess they are not drinking the water from Redmond!
  • Security (Score:5, Funny)

    by Anonymous Coward on Friday January 07, 2005 @10:59AM (#11287800)
    Oh no! Time to switch back to IE.
  • by 53cur!ty ( 588713 ) on Friday January 07, 2005 @11:00AM (#11287809) Homepage
    The tragedy, the inhumanity!!

    Bet Gates is grinning today hoping everyone will forget his laptop crash.

    Don't Tech all day and night, visit:
    WillingtonKarateClub.org Training Tips and more
  • Umm.... (Score:4, Insightful)

    by Oxy the moron ( 770724 ) on Friday January 07, 2005 @11:01AM (#11287821)

    The way that Firefox and Thunderbird store files allows every user to see them and to probably catch the other user's surfing habits (Firefox and Thunderbird)

    Can't the same be said of IE or any program that stores information in %SYSTEMROOM%\Documents and Settings\%USERNAME% ? I mean, it's possible for me to see anyone's "habits" that way, right?

    • Re: (Score:2, Interesting)

      Comment removed based on user account deletion
      • Re:Umm.... (Score:3, Informative)

        Last time you checked it was TB 0.5:) (until then mail was stored under thunderbird program directory)

        Now everything is stored under Documents and Settings/user/Application Data/thunderbird

        or something like that.
    • Re:Umm.... (Score:5, Funny)

      by fitten ( 521191 ) on Friday January 07, 2005 @11:07AM (#11287892)
      You mean I gotta walk all the way down to the systemroom to get my information? Crap, no wonder I haven't been able to find it in my office lately...
    • Re:Umm.... (Score:3, Interesting)

      Partially related to that concept, I was using an XP system (no SP2 installed) where I didn't have admin rights. I was looking for a file that was in another user's documents folder. The operating system prevented me from browsing the folder through Explorer.

      When I did a Search for the file, the search window gladly displayed the file in question (from their documents folder) and allowed me to copy it to my documents folder.

      • I cannot replicate this. I get "Access is Denied" when I try to search in someone else's home directory. Win XP SP1.

        Searching for * in C:\Documents and Settings returns the folders in D&S, all the files/folders in my home directory, and all the files/folders in the "All Users" directory. I cannot use the search results dialog to access another user's home directory.

        I call shennanigans.
      • You need to make sure that your permissions are set correctly. Make sure that the subfolders inherit the permissions of the main folder. It seems like you did not have the permission to do anything with the UserName folder itself, but you had the permissions for the subfolders and their containing files. You need to right-click the UserName folder, then go to the permission settings, advanced and tick the bottom-most tick box to reset all permissions on files below the folder and update them with the sam
        • So could this be the bug, is Firefox setting the permission on the files it creates wrong? Could be it, in which case shame on them, especially if they are doing something other than what Windows does by default.

          Like other readers here, I am confused about what Firefox could possibly be doing that is different than other programs. This could be it.
    • Re:Umm.... (Score:3, Informative)

      by IcEMaN252 ( 579647 )
      I'll admit to not doing exhaustive research before making my commentary.

      I believe that the Docs & Settings folder is owned by the user in question and has the permissions set to keep other users out. But, thanks to the way the Windows runs, everyone pretty much need to be an Administrator to do things like, idk, run a CD-Burning app, so a knowledgable user could change the permissions and look inside.

      But, this is a generic Windows problem, most users are Administrators, and they can therefore see oth
      • Re:Umm.... (Score:3, Interesting)

        by parkrrrr ( 30782 )

        But, thanks to the way the Windows runs, everyone pretty much need to be an Administrator to do things like, idk, run a CD-Burning app...

        I've had everyone on my XP SP2 machine running as a "limited" user for quite a while, and so far the only application I've seen that didn't work properly was the latest version of Palm Desktop. (it has to be installed by an admin, but puts all of its settings in HKEY_CURRENT_USER. So it has to be installed by whoever needs to run it. So you have to promote any user wh

    • Actually, I'm not quite understanding that one myself. Both Mozilla/Firefox and IE store the user's cached data in the user's personal folder. Frankly, I don't know where else you should put it on a Windows box.

      You can set up your NTFS security such that only %USERNAME% can see the data in %USERNAME%'s folder. Very few home users do this, of course, and most wouldn't want to. Typical users wouldn't be able to function if Mom couldn't view the family pictures that Dad downloaded from the family's digit

    • Only if you have admin privileges on the machine. If you are joe normal user you don't have access to other user profiles.
    • The problem is not with the way Firefox and Thunderbird "store user's files". The problem has to do with the way they temporarily open files in helper apps for viewing -- on *nix, at least, they use the global /tmp directory, which means anyone can see what files you have open, and because of the way it sets up permissions on them (makes them world-readable), anybody may be able to read them while you have them open.

      I'm not too worried about the third one. For one thing, it is easily worked around by se

  • Misleading Article (Score:3, Informative)

    by Asacarny ( 244586 ) on Friday January 07, 2005 @11:02AM (#11287826)
    All of these security issues are fixed in the latest releases of Firefox/Thunderbird/Seamonkey. They have all been fixed for quite some time now.

    It would have been helpful for this information to be included in the story. Thanks, Slashdot.
  • Buffer overflow? (Score:4, Insightful)

    by mattgreen ( 701203 ) on Friday January 07, 2005 @11:02AM (#11287831)
    Weak. They should know better than that. It's not like it is hard to prevent a buffer overflow. They're using C++ for crying out loud.
    • by deadlinegrunt ( 520160 ) on Friday January 07, 2005 @11:20AM (#11288046) Homepage Journal
      I have not looked at the latest code base so my response may very well be wrong, however you may want to keep this in mind when making such a statment:

      Perhaps one reason is they are not really using C++ to its fullest extent like here [mozilla.org] as an example.

      • Perhaps one reason is they are not really using C++ to its fullest extent like here as an example.

        It's always depressing to see portability guides that say that sort of thing. (For those who didn't follow the link, it basically says don't use standard libs like iostreams.) C++ has been standardised since '98, with most players knowing the basic rules well before that. That's nearly a decade ago!

        We have similar rules at work, where we do work with some seriously old compilers on a very portable code ba

  • by codesurfer ( 786910 ) on Friday January 07, 2005 @11:02AM (#11287833)
    that I can still wipe my Linux box, buy a copy of XP, install, activate, update, reboot, update, reboot, get SP1 & 2, reboot, update, reboot and I'll be able to use Internet Explorer, a safe alternative to....oh wait...
    • > buy a copy of XP, install, activate, update, reboot, update, reboot, get SP1 & 2

      Nice little roll, there. I probably oughtn't point out that if you're actually buying a copy of XP these days that it'll have SP2 applied to it already. At least, all the stores around here sell it this way.

  • Updates (Score:5, Insightful)

    by harlingtoxad ( 798873 ) <harlingtoxad@[ ]il.com ['gma' in gap]> on Friday January 07, 2005 @11:02AM (#11287834)
    Most viruses are exploits of things MS has patched months earlier. If Firefox becomes mainstream can we count on the average user to update or will an out of date Firefox become nearly as bad as IE?
    • Re:Updates (Score:3, Informative)

      by rainman_bc ( 735332 )
      AFAIK Firefox [ on win ] checks for updates itself. It should never be out of date.

      On linux, you have stuff like apt / yum / portage to keep computers up to date.

      Mac version probably updates itself too, but don't quote me on that.
    • If Firefox becomes mainstream can we count on the average user to update or will an out of date Firefox become nearly as bad as IE?

      No and yes, respectively.

      Herein lies the fallacy behind much of the MS-bashing on threads like this.

  • Note that it appears from what I read that these issues only affect the beta versions of FireFox. Who uses a beta once a released version is out???

    Basically this is a non issue as everyone should have upgraded to v1.0 as soon as it came out.
  • by I.M.O.G. ( 811163 ) <spamisyummy@gmail.com> on Friday January 07, 2005 @11:03AM (#11287838) Homepage
    Perhaps it will serve as a reality check for those who have the wrong (idealistic) conception about this browser... Average users are so quick to jump on a bandwagon. People tend to think entities like Google and Firefox are lights in the harbor or signs from God. They are just implementations which are better than what others are doing, and they are not as perfect as many like to imply. Firefox is no doubt an improvement over the many other options out there, but as it gains popularity, it will also gain more status as a target - much like IE has been for years now. The fact there there are still vulnerabilities should come as a surprise to no one.
    • The fact there there are still vulnerabilities should come as a surprise to no one.

      Indeed, however the hope is that the security problems will be fixed quickly, and that the developers wont ignore them, pretending they don't exist.

      The really important thing as far as I'm concerned is the length of time needed to fix newly discovered bugs, not the number, and this is where the open source development model works so much better.
      • by IcEMaN252 ( 579647 ) on Friday January 07, 2005 @11:18AM (#11288018) Homepage
        The really important thing as far as I'm concerned is the length of time needed to fix newly discovered bugs, not the number, and this is where the open source development model works so much better.

        I'm also concerned about those nasty 0-Day vulnerabilites that are out there but we don't know about. The problem with open source is that the code is out there, so its easier to find the bugs. The saving grace is that the code is generally better, and there are usually more white hats looking for the problem than black hats.

        I still think FF is safer than IE, but I also think its just as important to be wary of the bugs we don't know about as the ones we do. The same goes for any software product.
    • by 0123456 ( 636235 ) on Friday January 07, 2005 @11:10AM (#11287930)
      "The fact there there are still vulnerabilities should come as a surprise to no one."

      Of course not. But, unlike IE, these aren't 'You open a web page and your machine is taken over as a spam zombie' vulnerabilities. They should be fixed, but are less serious than the usual IE bugs... and they'll likely be fixed a lot faster.
      • I believe you missed the point of the OP.

        These are not serious Mozilla bugs, yet. IE didn't have these problems right away. Just like Mozilla are not having these problems, right away.
      • by Anonymous Brave Guy ( 457657 ) on Friday January 07, 2005 @11:38AM (#11288249)
        But, unlike IE, these aren't 'You open a web page and your machine is taken over as a spam zombie' vulnerabilities. They should be fixed, but are less serious than the usual IE bugs...

        If you can have buffer over-run vulnerabilities in your C++ app, then you are potentially vulnerable to absolutely anything. The fact that even one exists, even in a beta development, betrays fundamentally flawed coding standards and/or QA procedures. These things should never happen in a C++ app, and the coding techniques to prevent them are trivial.

        and they'll likely be fixed a lot faster.

        Easy, tiger. As others have pointed out, most exploits of Windows/IE systems use vulnerabilities that MS patched months ago, and when critical ones do come up, patches usually do appear (with much hype) PDQ.

        • > If you can have buffer over-run vulnerabilities
          > in your C++ app, then you are potentially
          > vulnerable to absolutely anything.

          Not really true.

          1) If it's a *read* overrun, it's probably not exploitable. Could possibly be an information leak.

          2) If it's a write overrun by at most 1 byte, it probably won't be exploitable.

          3) A variety other restrictions may apply that make it not exploitable.

          4) The browser might have a buffer overrun bug that cannot be triggered by a remote Web page unless the us
    • "The fact there there are still vulnerabilities should come as a surprise to no one."

      The only reason it's surprising to me, is that these are bugs that have been already fixed.

      It wouldn't be a slashdot story if it read, "the Bugzilla for the Firefox project notes that in version .8 and .9, it was possible to spoof a URL by doing some nasty tricks. Here's the technical data." Or, "old release notes indicate bugs were fixed. If you want some demonstrations of these old bugs, click here!"

      Right?
  • As it becomes more and more popular, more and more bugs will be discovered. There is no inherently secure piece of software: it's only a matter of problems / volume.

  • And.... (Score:2, Insightful)

    Undoubtedly, proponents of MS will point to this and say "See...told you so..."

    The difference between Mozilla/other OSS and MS software is that while a bug in IE will remain unfixed for months (unless it's such a glaring error that the media grills them for it,) a bug in Moz/Firefox won't last very long. So the real issue that we need to remember is not that three bugs were found, but that unlike MS three bugs will be fixed.

    Cheers,
    -maztuh
    • The REAL news is they three bugs in firefox were fixed....

      Oh wait, that wouldn't be news, that would be business as usual.

      Read The Article. These are fixed.
  • the 75 outstanding Secunia security advisories for IE or the 33 security advisories for Opera? Don't they get equal billing?
  • Third item... (Score:5, Informative)

    by Anonymous Coward on Friday January 07, 2005 @11:05AM (#11287867)
    This only applies to Windows platforms. Linux and Unix versions maintain all user information in the homedir, preventing access to ordinary users.
    • Re:Third item... (Score:3, Informative)

      by shis-ka-bob ( 595298 )
      Please read the third item. This is clearly describling a Unix-like system with a /tmp directory and xpdf as a pdf viewer. This isn't what you find on Windows. This whole issue is a tempest in a teapot. All of these issues are closed and the 'fix' is simply to run the current package. Just 'portupgrade' or whatever your system uses to update packages and ignore this warning.
    • Actaully it was demonstrated on Linux. However, it is only applicable to downloaded files that you select to open rather than save. So say you do not have the acrobat reader plugin, you download a pdf file, rather than select save, you choose open with xpdf.

      Doing this leaves a world readable file in /tmp. A minor security issue, but nothing to get worked about and leaves a very easy work around. Save the file and nothing is left in /tmp, or manually clean /tmp after your browsing if you are that parano
  • by killmenow ( 184444 ) on Friday January 07, 2005 @11:06AM (#11287872)
    So sayeth the submitter:
    Let's hope that these will be fixed soon!
    Slashdot has gotten so bad, now the submitters don't even RTFA!
  • RTFA - Answers await (Score:2, Informative)

    by Anonymous Coward
    As the article clearly state, all three have been fixed. Simply use the latest versions of the software.
  • by WhiteWolf666 ( 145211 ) <[sherwin] [at] [amiran.us]> on Friday January 07, 2005 @11:07AM (#11287885) Homepage Journal
    The Slashdot article, not security focus. In plain text, at the top, it says these were FIXED in the latest versions.

    They affect Firefox versions BEFORE 1.0, Thunderbird BEFORE .9, and Mozilla BEFORE 1.7.5.

    This article was posted by some MS shill who is hoping the because Slashdot is spidered by Google news they will get some mainstream journalism about Firefoxes bugs!

    This is TOTAL crap! Let the MS Smear campaign begin!
  • two...

    What, they're fixed already?

    Never mind.

    I love open source.
  • The reality... (Score:2, Insightful)

    by eastshores ( 459180 )
    Is that Firefox, and most likely ANY product that attempts to compete with an established Microsoft product will have to face two issues that Microsoft constantly faces: 1) Features take precedence in the development lifecycle forcing security to become an after-thought. 2) As popularity increases, so does visibility which is currently one of the primary factors in determining scrutiny for such issues.

    I still prefer Firefox for it's usability features. It wasn't long ago that they got in place a "Software
  • So we have (Score:4, Insightful)

    by hattig ( 47930 ) on Friday January 07, 2005 @11:13AM (#11287962) Journal
    Problem One: A String Formatting Issue, URLs should be shown as "http://www.blah.com/.../www.spoof.com/register.ph p" rather than ".../www.spoof.com/register.php" and users should be shot if they can't recognise a valid URL.

    Problem Two: Beta Firefox? That's not an issue then. Otherwise, who let a buffer overflow get into the codebase?

    Problem Three: Surely this is more of a problem with Windows' Security model? if an OS is used essentially as a single user machine (e.g., 9x) then there is little that can be done between profiles.
    • Problem 4: Slashdot poster pontificates about windows security without RTFA and makes bizarre claim that the windows security model causes vulnerabilities with thunderbird on debian unstable.
  • I noticed that the news protocol hole is one part of the source that few developers are interested in. Because of this, bugs like this are less likely to get discovered.

    The UI hole (right-aligning the URL) is also in an unexpected place.

    I always hear talk about the problem with Open Source is people only do the fun stuff. Well, for different people, different things are fun. For some people a security review is very fun. Of course, not as fun as doing a security review on the otherwise most interesting pa
  • by GweeDo ( 127172 ) on Friday January 07, 2005 @11:14AM (#11287972) Homepage
    Affected packages
    =================

    Package / Vulnerable / Unaffected
    1 mozilla / < 1.7.5 / >= 1.7.5
    2 mozilla-bin / < 1.7.5 / >= 1.7.5
    3 mozilla-firefox / < 1.0 / >= 1.0
    4 mozilla-firefox-bin / < 1.0 / >= 1.0
    5 mozilla-thunderbird / < 0.9 / >= 0.9
    6 mozilla-thunderbird-bin / < 0.9 / >= 0.9

    So, lets try reading this data. If you are running version 1.0 of Firefox, version 1.0 of Thunderbird or version 1.7.5 of Mozilla (all the latest versions) you have NONE of these issues. Geez....
    • by BenjyD ( 316700 ) on Friday January 07, 2005 @11:18AM (#11288031)
      Apart from the first issue, of course, which reads:

      "The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. Other versions may also be affected."

      So it's actually just one spoofing vulnerability. It's probably a result of fixing the bug in 0.9.something where an overly long (>4kb, IIRC) URL in the address bar could cause firefox to lock up the x-server.
  • Download Firefox!

    Seriously, all of these are fixed in the current version. The poster even says it with regards to the buffer overflow problem!

  • Anyone good at writing up story submissions?

    Time to troll Slashdot! Seriously...Given that all three bugs are ALREADY fixed, it shouldn't be too hard to sneak a 'troll' story by about how the Mozilla foundation responded instanteously to these bug reports.

    Use this urlhttp://www.mozillazine.org/talkback.html?artic l e=5844 [mozillazine.org] for the nntp flaw, and link to the same security focus article regarding the other two.

    Why? Because the security article tells you to update your mozilla based software to the latest ve
  • Long URL? (Score:3, Funny)

    by discordja ( 612393 ) on Friday January 07, 2005 @11:25AM (#11288101)
    This security issue is really easy to replicate: Create a long URL and the downloading box will only display its ending (Mozilla and Firefox).

    is this long enough?
    http://hugeurl.com/?MjYzODBkMDE2ZTI1M2Q3ODQ5ZThlYm Q1YjRhMjMxMjgmMTImVm0wd2QyUXlVWGxXYTJoV1YwZG9WVll3 Wkc5alJsWjBUVlpPV0Zac2JETlhhMUpUVmpGYWMySkVUbGhoTW sweFZqQmFTMk15U2tWVWJHaG9UVmhDVVZadGVGWmxSbGw1Vkd0 c2FsSnRhRzlVVjNOM1pVWmFkR05GZEZSTlZUVkpWbTEwYTFkSF NrZGpTRUpYVFVad1NGUlVSbUZqVmtaMFVteFNUbUY2UlRGV1ZF b3dWakZhV0ZOcmJGSmlSMmhZV1d4b2IwMHhXbGRYYlVaclVsUk dXbGt3WkRSVk1rcElaSHBHVjJFeVVYZFpWRVpyVTBaT2NscEhj RlJTVlhCWlZrWldhMVV5VW5OalJtUllZbFZhY1ZscldtRmxWbV J5VjI1a1YwMUVSa1pWYkZKRFZqQXhkVlZ1V2xaaGExcFlXa1Zh VDJOdFNrZFRiV3hYVWpOb1dGWnRNSGRsUjBsNFUydGthVk5GV2 xSWmJHaFRWMVpXY1ZKcmRGUldiRm93V2xWb2ExWXdNVVZTYTFw WFlrZG9jbFpxU2tabFZsWlpXa1prYUdFeGNGaFhiRnBoVkRKT2 RGSnJhR2hTYXpWeldXeG9iMWRHV25STlNHaFBVbTE0VjFSVmFH OVhSMHBJVld4c1dtSkhhRlJXTUZwVFZqRmtkRkp0ZUZkaWEwcE lWbXBKZUUxR1dsaFRhMlJxVWtWYVYxWnFUbTlsYkZweFUydGth bUpWVmpaWlZWcHJZVWRGZUdOSGFGaGlSbkJvVmtSS1QyUkdTbk poUjJoVFlrVndWVlp0ZUc5Uk1XUlhWMWhvV0dKWVVrOVZha1pI VGxaYVdFNVZPVmhTTUhCNVZHeGFjMWR0U2toaFJsSlhUVlp3V0 ZreFdrdGtSa3B6Vld4a2FXRXdjRWxXYlhCTFpXczFWMWRzYUZS aE1sSndWV3RhUzFZeFVsaE9WemxzWWtad2VGVXlkR0ZpUmxwel UyeHdXbFpXY0hKV2FrWkxWMVpHY2sxV1pGZE5NRXBKVm10U1Iy RXhXWGxVYTFwaFVqSm9WRlJYTlc5a2JGcEhWbTA1VWsxWFVucF dNV2h2VjBkS1JrNVdWbFZXYkhCWVZGUkdVMk15UmtaUFYyaHBV bGhDV1ZacVNqUlZNV1IwVTJ0a1dHSlhhRmhaVkVaM1pXeHJlV1 ZJWkZOV2ExcDVWREZrYzFVd01IbGhSbXhYWWxoQ1RGUnJaRVps Um1SellVWlNhVkp1UW5oV1YzaHJWVEZzVjJKR2FHcGxhMXB4V1 d0YWQyVkdWblJOVldSV1RXdHdWMWx1Y0V0V2JGbDZZVWRvV21F eVVrZGFWV1JQVWpKS1IxcEhiRmhTVlhCS1ZqRmFVMU14VVhsVV dHaGhVMFphVmxscldrdGpSbFp4VW10MFYxWnNjRWhXVjNSTFlU QXhSVkpzVGxaU2JFWXpWVVpGT1ZCUlBUMD0= [hugeurl.com]
  • Issue 1: Spoofing, unpatched (yet). Moderately critical.

    Issue 2: Fixed (Affected Versions: Mozilla Browser
    This bug is fixed in Mozilla 1.7.5. (Bug 264388)
    Mozilla developer Dan Veditz claims that it cannot be exploitable:
    "A '\' on the end will certainly trash memory, but at that point you're no
    longer reading attacker-supplied data;".
    So, at most it would be a DOS attack, not a true "hack into your computer". And from the Security focus link:

    Affected packages
    =================
    mozilla < 1.7.5
    mozilla-bin < 1.7.5
    mozilla-firefox < 1.0
    mozilla-firefox-bin < 1.0
    mozilla-thunderbird < 0.9
    mozilla-thunderbird-bin < 0.9

    So Firefox 1.0 is indeed safe.

    Issue #3:From the link:

    This exact issue affects Mozilla Firefox 0.9.3. I haven't tested
    older/newer versions, and all of this was tested under Debian Unstable.


    In other words, 1 outdated, another unconfirmed, and the first one real, but it's moderately critical.

    So the Mozilla guys have only to fix ONE bug, and CONFIRM another. Issue #2 is fixed already.

  • Notice how every bug report about IE starts by saying how bad IE is, then saying MS sucks, and Mozilla doesn't have this bug because it's so great.

    Now read the post about a Mozilla bug. No mention that IE does not have the bug. No mention that the coders who left this bug are crappy, and no mention that you could switch to IE to avoid this bug.

    I know, IE has its bugs too, but it seems like we could be a bit more fair around here and at least either treat both browsers as if they suck, or treat them both
  • Third problem (users can see other users profile info, history, etc.) should be easy enough to fix, or at least easy enough to leave it to the OS to determine user access. Just place the files in user-owned private folders, like the documents and settings folder in windows or the user/home folders in linux. Mozilla shouldn't be responsible for user-level file access info.
  • Why is it... (Score:3, Interesting)

    by cagliost ( 794083 ) on Friday January 07, 2005 @11:56AM (#11288516)
    That when Mozilla (or anything not by Microsoft) has a bug, people say "Let's hope that these will be fixed soon!", but when IE (or anything by Microsoft) has a bug, people say (")Hahahahaha!(")?
  • "Mozilla 1.7.5 and below, Firefox versions before 1.0"

    Wait, I thought the reason to still use Mozilla instead of Firefox is that bugfixes make it to Mozilla releases first. Now it looks like the only reason is that Mozilla integrates Google/search into the same UI field as "Go to URL".
  • by Lodragandraoidh ( 639696 ) on Friday January 07, 2005 @12:12PM (#11288685) Journal
    Create a long URL and the downloading box will only display its ending (Mozilla and Firefox).

    Click 'cancel' if you are not sure about what you are downloading; Addtionally, you should be able to hover the mouse over a link and see the actual URL in the display bar at the bottom of the window. I do this all the time because I want to be sure where my browser will be connecting when I click anything. Of course, if you go to sites that don't use standard HTML for their links, you could be scammed. Generally speaking, unless you are running IE, downloading a trojan isn't going to be that bad - as long as you don't then try to run it. If you were expecting a picture, or a zip file, and got an executable instead, that could also tip you off. This is probably the worse problem of the three - but nothing to lose sleep over.

    The second issue was created by the way that Mozilla's browsers handle news:// links to newsgroups, hackers can easily create false links and create a buffer overflow (Mozilla 1.7.5 and below, Firefox versions before 1.0).

    If you aren't using the latest version of the browser - you are wrong. Additionally, who reads news groups anymore? I gave up wading through all the spam and flame wars long ago...

    The third exploit affects machines with multiple users. The way that Firefox and Thunderbird store files allows every user to see them and to probably catch the other user's surfing habits (Firefox and Thunderbird). Let's hope that these will be fixed soon!
    chmod 700 -R /directory/path/where/mozilla/keeps/the/files/*
    - should do the trick on most unix/linux systems. I can't see this breaking the browser, because presumably it is being run by you as you. This is irrelevant on a Windoze machine because it is not truely multi-user (and I can slap a knoppix disk into your windows machine, reboot linux, and read all your files provided I have physical access anyway - which is how most people 'share' a windows box).

"Hello again, Peabody here..." -- Mister Peabody

Working...