Closed
Bug 1149028
Opened 10 years ago
Closed 10 years ago
SHA-1 certificate violation log on Fennec leaks sensitive info in URL
Categories
(Firefox for Android Graveyard :: General, defect)
Tracking
(Not tracked)
RESOLVED
DUPLICATE
of bug 1149094
People
(Reporter: sdna.muneaki.nishimura, Unassigned)
Details
(Keywords: reporter-external, sec-moderate)
User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.101 Safari/537.36
Steps to reproduce:
1. Install Fennec on an Android device whose version is less than 4.0.
2. Launch https://www.google.com/#SECRET_IS_HERE
3. Login to Google
4. Search something with Google
Actual results:
All accessed URLs, including query string and fragment, are written to Logcat like below.
W/GeckoConsole( 2738): [JavaScript Warning: "This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1." {file: "https://www.google.com/#SECRET_IS_HERE" line: 0}]
W/GeckoConsole( 2738): [JavaScript Warning: "This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1." {file: "https://www.google.co.jp/?gfe_rd=cr&ei=GesYVZa#SECRET_IS_HERE" line: 0}]
W/GeckoConsole( 2738): [JavaScript Warning: "This site makes use of a SHA-1 Certificate; it's recommended you use certificates with signature algorithms that use hash functions stronger than SHA-1." {file: "https://www.google.co.jp/search?q=SEARCHWORD&oq=SEARCHWORD" line: 0}]
On Android 4.0 or less, any application having the android.permission.READ_LOGS permission can retrieve other applications' log data. It may also be sent to third parties as crash logs. So, sensitive information may be leaked.
Expected results:
The SHA-1 certificate violation log should remove detailed information from the accessed URL.
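As an added example (not Gecko's own code), a redaction helper of the kind the expected result calls for: it strips userinfo, query string and fragment from a URL before it is placed in a console warning, rewrites the `{file: "..."}` field of GeckoConsole-style logcat lines, and checks a log capture for lines that still carry `?` or `#`. The names `redactUrlForLog`, `redactConsoleLine` and `linesStillLeaking`, and the sample lines, are assumptions made here.

```javascript
// Added example: redact a URL before it reaches a log sink such as logcat,
// so secrets in "#..." or "?..." never reach apps with READ_LOGS or crash reports.
function redactUrlForLog(rawUrl) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch (e) {
    // Not a parseable absolute URL: emit a fixed placeholder rather than the
    // raw text, which could itself contain the secret.
    return "<unparseable-url>";
  }
  // Keep only scheme + host (+ port) + path; drop userinfo, search and hash.
  url.username = "";
  url.password = "";
  url.search = "";
  url.hash = "";
  return url.href;
}

// Rewrite the {file: "..."} field of a GeckoConsole-style warning line.
function redactConsoleLine(line) {
  return line.replace(/\{file: "([^"]*)"/, (m, u) => `{file: "${redactUrlForLog(u)}"`);
}

// Check a log capture for file: fields that still carry a query or fragment.
function linesStillLeaking(lines) {
  return lines.filter((l) => /\{file: "[^"]*[?#][^"]*"/.test(l));
}

// Constructed sample lines mirroring the report (secret values are placeholders).
const SAMPLE_LOGCAT = [
  'W/GeckoConsole( 2738): [JavaScript Warning: "This site makes use of a SHA-1 Certificate; ..." {file: "https://www.google.com/#SECRET_IS_HERE" line: 0}]',
  'W/GeckoConsole( 2738): [JavaScript Warning: "This site makes use of a SHA-1 Certificate; ..." {file: "https://www.google.co.jp/search?q=SEARCHWORD&oq=SEARCHWORD" line: 0}]',
];

for (const l of SAMPLE_LOGCAT) console.log(redactConsoleLine(l));
```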
Updated•10 years ago
Flags: sec-bounty?
Updated•10 years ago
Component: Untriaged → General
Flags: needinfo?(snorp)
Product: Firefox → Firefox for Android
Version: 39 Branch → unspecified
Comment 1•10 years ago
This is the same as bug 1149094. Browser console on logcat.
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
Flags: needinfo?(snorp)
Resolution: --- → DUPLICATE
Updated•10 years ago
Flags: sec-bounty? → sec-bounty-
Updated•9 years ago
Group: core-security → core-security-release
Updated•8 years ago
Group: core-security-release
Keywords: sec-moderate
Updated•4 years ago
Product: Firefox for Android → Firefox for Android Graveyard
Updated•6 months ago
Keywords: reporter-external