Hoping that Firefox 2.0.0.6 fixed the Remote Command Exec Vulnerability?
Think again.
Billy Rios (Xs-sniper.com) discover a way to exploit it again:
Well, to make a long story short, Nate and I have discovered a way to “…exploit a common handler with a single unexpected URI…” Once again, these URI payloads can be passed by the mailto, nntp, news, and snews URIs, allowing us to pass the payload without any user interaction. So, it seems that although the conditions which allowed for remote command execution in Firefox 2.0.0.5 have been addressed with a security patch, the underlying file type handling issues which are truly the heart of the issue have NOT been addressed.
More details on his site.
You can use NoScript to protect you or Open Firefox and type 'about:config' in the location bar. Put 'network.protocol-handler.external' in the filter and put the unused URI to false. Screenshots here.
Friday
Firefox Remote Command Exec back to haunt us
Subscribe to:
Post Comments (Atom)
Security4all Blog
Twitter
Slideshare
Facebook
Digg
Flickr
0 comments:
Post a Comment