flat assembler
Message board for the users of flat assembler.

Index > Heap > Firefox Fix Due Next Week After Attack Is Published

Goto page 1, 2, 3, 4  Next
Author
Thread Post new topic Reply to topic
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
http://www.pcworld.com/article/161988/
https://bugzilla.mozilla.org/show_bug.cgi?id=485217

The flaw affects all OSes and although fixed it won't be available until 3.0.8 release next week. Till then, don't visit porn and/or warez site Laughing
Post 27 Mar 2009, 19:34
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
Does this apply only to Firefox 3?
Post 27 Mar 2009, 20:44
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
Borsuc: from the bug tracker:
Quote:
Found on security focus, not sure where the original came from. Exploit code at
the link iframes a little xml file with an xslt transform that causes a crash
reliably on 3.0 branch and trunk (and presumably 1.9.1, didn't test). Null,
but it's being called, assuming the worst for the moment.


I guess that means yes Smile
Post 28 Mar 2009, 06:33
View user's profile Send private message Visit poster's website Reply with quote
HyperVista



Joined: 18 Apr 2005
Posts: 691
Location: Virginia, USA
HyperVista
paging drhowarddrfine, paging drhowarddrfine.... Very Happy
Post 28 Mar 2009, 14:10
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
(only Spanish link this time so I won't post it)

Firefox 3.0.8 has been released today before the announced date.
Post 28 Mar 2009, 16:14
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17248
Location: In your JS exploiting you and your system
revolution
So who still runs their browser with full admin privileges?

Just don't do it.

If you are reluctant to make and use a limited user account then use DropMyRights instead.
Post 28 Mar 2009, 16:25
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
"DropMyRights notepad.exe" allowed me to save a file at "Start>Programs>Start" of my user (but not others, however the "not full compromise" doesn't means I won't get infected myself with malware). This problem also exists using a limited user account but the extra scenario here is that the next time you log in the malware will have admin level privileges because your account is still an administrator and the malware runs outside DropMyRights.

With "DropMyRights notepad.exe C" I wasn't able to do that anymore but can a browser work correctly at that level?

And for those who may think that running Ubuntu is safe enough by itself, let me remind you that a similar "Start>Programs>Start" exists on Gnome and doesn't needs su/sudo to be set up, and again although not the entire machine is compromised the infected user will be.

It is still better to run programs unprivileged because although you are not completely safe, at least you can recover your system easily since the virus should not be able to install in such a way that you will need to kill the MBR and format the HDD to safely remove it later.
Post 28 Mar 2009, 17:02
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17248
Location: In your JS exploiting you and your system
revolution
Constrained user is very problematic for many apps. Normal user should be enough to get you out of the common malware problems by keeping them out of the kernel. The only real danger with Normal user is the (now rare) privilege escalation exploits.
Post 28 Mar 2009, 18:23
View user's profile Send private message Visit poster's website Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
HyperVista wrote:
paging drhowarddrfine, paging drhowarddrfine.... Very Happy
What?
Post 28 Mar 2009, 20:21
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
Please note that, upon being told of the bug, the fix was up for approval within 2 hours and released hours after that. This morning I saw Ubuntu released the patch but anyone could have updated FF before then if they looked for it.

I sure would like to know why they published this online rather than reporting it themselves to Mozilla first.
Post 28 Mar 2009, 20:26
View user's profile Send private message Reply with quote
farrier



Joined: 26 Aug 2004
Posts: 274
Location: North Central Mississippi
farrier
Quote:

HyperVista wrote:
paging drhowarddrfine, paging drhowarddrfine....
What?


I believe HypereVista was anticipating a reply from you. Surely you know the origin of your own 'nick'

From my third favorite Three Stooges episode:

Paging Dr. Howard, Dr. Fine, Dr. Howard
Paging Dr. Howard, Dr. Fine, Dr. Howard

farrier

Rumors are that there is a Three Stooges movie in the making. ?Starring Brad Pitt, Sean Penn, ...?

_________________
Some Assembly Required
It's a good day to code!
U.S.Constitution; Bill of Rights; Amendment 1:
... the right of the people peaceably to assemble, ...
The code is dark, and full of errors!
Post 29 Mar 2009, 00:42
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
farrier wrote:
Quote:

HyperVista wrote:
paging drhowarddrfine, paging drhowarddrfine....
What?


I believe HypereVista was anticipating a reply from you. Surely you know the origin of your own 'nick'
Of course.
Quote:

Rumors are that there is a Three Stooges movie in the making. ?Starring Brad Pitt, Sean Penn, ...?
Renee Zellweger
Post 29 Mar 2009, 02:18
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
Well, I'll be. They are.
Sean Penn. Jim Carrey. Benicio Del Toro.

btw, I met George Clooney a couple weeks ago. Some of you may know I'm involved in the film industry and my son is an actor. Clooney is in my town (St. Louis) filming and I hit on my connections to get in a place where I could meet him.

My friend: "George, I'd like you to meet my friend, Doc."
Clooney: "Hi, Doc."
Me: "My name's not Doc."
Clooney gives my friend a funny look and continues down the hallway.
Post 29 Mar 2009, 02:23
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
f0dder wrote:
I guess that means yes Smile
Ah good that I mostly use Firefox 2 (my own portable version with jauntePE Razz) to surf these days, because I'm on my uber slow HD laptop... (with just 192 MB RAM too and FF3 is a memory hogger). Plus I just love portable software as they don't mess up with your registry or "centralized files" Wink

_________________
Previously known as The_Grey_Beast
Post 29 Mar 2009, 02:42
View user's profile Send private message Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
Hmm. I run FF3 on my 550Mhz P3 with192Mb.
Post 29 Mar 2009, 04:11
View user's profile Send private message Reply with quote
rugxulo



Joined: 09 Aug 2005
Posts: 2341
Location: Usono (aka, USA)
rugxulo
drhowarddrfine wrote:
Well, I'll be. They are.
Sean Penn. Jim Carrey. Benicio Del Toro.


Oh boy ... sounds problematic. (Why not just get Michael Chiklis from the tv movie a while back?)

Quote:

btw, I met George Clooney a couple weeks ago. Some of you may know I'm involved in the film industry and my son is an actor. Clooney is in my town (St. Louis) filming and I hit on my connections to get in a place where I could meet him.


No, but I did know that Clooney's aunt was Rosemary and first cousin (her son) is Miguel Ferrer. I also knew that Curly Joe, Shemp, and Moe were brothers (and Larry was their cousin). Just FYI in case anybody finds that interesting (and didn't already know). Wink
Post 01 Apr 2009, 13:19
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
At this very moment a new vulnerability has been discovered in the JavaScript engine and public exploit exists (allows arbitrary code execution).

I don't have English reference sorry so for now I leave this: http://www.hispasec.com/unaaldia/3917

The exploit is available at milw0rm (referenced by the link above).

[edit] See this link provided by drhowarddrfine: http://blog.mozilla.com/security/2009/07/14/critical-javascript-vulnerability-in-firefox-35/ [/edit]


Last edited by LocoDelAssembly on 14 Jul 2009, 20:53; edited 1 time in total
Post 14 Jul 2009, 19:13
View user's profile Send private message Reply with quote
r22



Joined: 27 Dec 2004
Posts: 805
r22
LocoDelAssembly wrote:
At this very moment a new vulnerability has been discovered in the JavaScript engine and public exploit exists (allows arbitrary code execution).

I don't have English reference sorry so for now I leave this: http://www.hispasec.com/unaaldia/3917

The exploit is available at milw0rm (referenced by the link above).

Oh No!!!
Back to web surfing with telnet! The web without precious JavaScript is nothing more than text/plain anyways.

ps; having to count all the characters in this POST for the CONTENT-LENGTH attribute was a real pain :D :D
Post 14 Jul 2009, 20:22
View user's profile Send private message AIM Address Yahoo Messenger Reply with quote
drhowarddrfine



Joined: 10 Jul 2007
Posts: 535
drhowarddrfine
Patch to fix this has already been created by Mozilla and being tested.

Temporary fix:

The vulnerability can be exploited by an attacker who tricks a victim into viewing a malicious Web page containing the exploit code. The vulnerability can be mitigated by disabling the JIT in the JavaScript engine. To do so:

1. Enter about:config in the browser’s location bar.
2. Type jit in the Filter box at the top of the config editor.
3. Double-click the line containing javascript.options.jit.content setting the value to false.

Note that disabling the JIT will result in decreased JavaScript performance and is only recommended as a temporary security measure. Once users have been received the security update containing the fix for this issue, they should restore the JIT setting to true by:

1. Enter about:config in the browser’s location bar.
2. Type jit in the Filter box at the top of the config editor.
3. Double-click the line containing javascript.options.jit.content setting the value to true.

Alternatively, users can disable the JIT by running Firefox in Safe Mode. Windows users can do so by selecting Mozilla Firefox (Safe Mode) from the Mozilla Firefox folder.


Last edited by drhowarddrfine on 14 Jul 2009, 20:50; edited 1 time in total
Post 14 Jul 2009, 20:27
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17248
Location: In your JS exploiting you and your system
revolution
Hmm, I've had almost no trouble without JS. I disabled it years ago. I always get a slightly happy feeling whenever I see JS exploits being talked about. :p
Post 14 Jul 2009, 20:30
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page 1, 2, 3, 4  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar.

Powered by rwasa.