Closed Bug 228324 Opened 21 years ago Closed 21 years ago

Vulnerability in the Mozilla

Categories

(Core :: Security, defect)

x86
Linux
defect
Not set
critical

Tracking

()

VERIFIED DUPLICATE of bug 228176

People

(Reporter: caio_sm, Assigned: security-bugs)

Details

User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007 Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.5) Gecko/20031007 Designer British of 18 years it divulged this week a new technique to use to advantage itself of a breach of old security in navigator Internet Explorer (IE), that it can cause migraine to internautas. Using the described method, it can be taken the users of the program to visit sites false, believing to be in true sites. The imperfection happens when a code DHTML (HTML Dinâmico) cause problems of purification of URLs (addresses) in the navigator, what it allows that the creator of the code determines that URL will be shown in the bar of addresses of the IE. The malicious URL can together be recognized for the presence of code "%01" with the signal "@", that it marks the end of the false address and the start of the true one. The signal of @ is normally used in URLs to indicate the authentication of users and passwords, in the following format: simply http://usuario@dominio/pagina http://usuario:senha@dominio/pagina or. Substituting the name of the user for the address of a site it is possible to thus create a trick sufficiently known, that makes a false page to seem legitimate,: http://endereco_falso@endreco_verdadeiro. But the current technique goes a step beyond, when inserting the code?%01? before @. the This it makes with that the true address (of the aggressor) simply disappears in the bar of the navigator and the user sees only the address of the site that if wants to imitate. according to site of VSAntivirus security, the imperfection alone happens in navigators who have activated the ActiveX resource. In case that contrary, the user will see the URL malicious of the following form: http://endereco_falso%01@endereco_verdadeiro. It would like to inform, that I made the available test for the Secunia through the site: http://www.secunia.com/internet_explorer_address_bar_spoofing_test/ and I evidenced that the Mozilla also to be vulnerable beyond the Internet Explorer. Reproducible: Always Steps to Reproduce: 1. 2. 3. It would like to also inform that I use the Slackware Linux 9.1 with kernel 2.4.23
this sounds like a duplicate of bug 228176.
*** This bug has been marked as a duplicate of 221876 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago
Resolution: --- → DUPLICATE
neil: almost :) reopening to dupe to the correct bug
Status: RESOLVED → UNCONFIRMED
Resolution: DUPLICATE → ---
*** This bug has been marked as a duplicate of 228176 ***
Status: UNCONFIRMED → RESOLVED
Closed: 21 years ago21 years ago
Resolution: --- → DUPLICATE
clearing security flag, as the other bugs about this are public and it was mentioned on the web too
Group: security
VERIFIED/dupe. Thanks for opening this up.
Status: RESOLVED → VERIFIED
You need to log in before you can comment on or make changes to this bug.