Mozilla Browser Weakness

Discussion in 'other security issues & news' started by Paul Wilders, Jun 14, 2004.

Thread Status:
Not open for further replies.
  1. Paul Wilders

    Paul Wilders Administrator

    Mozilla Browser Address Bar Spoofing Weakness

    http://secunia.com/advisories/11856/

    CRITICAL:
    Less critical

    IMPACT:
    Spoofing

    WHERE:
    From remote

    SOFTWARE:
    Mozilla 1.0
    Mozilla 1.1
    Mozilla 1.2
    Mozilla 1.3
    Mozilla 1.4
    Mozilla 1.5
    Mozilla 1.6
    Mozilla Firefox 0.x

    DESCRIPTION:
    A weakness has been reported in Mozilla, allowing malicious people to
    conduct phishing attacks.

    The weakness is caused due to an error within the handling of URLs.
    This can be exploited to potentially trick users into supplying
    sensitive information to a malicious web site, because information
    displayed in the address bar can be constructed in a certain way,
    which may lead users to believe that they're visiting another web
    site than the displayed web site.

    Example:
    http://[trusted_site]/ .[malicious_site]/

    Successful exploitation requires that a malicious web site's domain
    supports wildcard DNS and accepts invalid values in the "Host:"
    header.

    The weakness has been confirmed in Mozilla 1.6 and 1.7rc3 for Windows
    and Firefox 0.8 and 0.9rc for Windows. Other versions may also be
    affected.

    SOLUTION:
    Don't follow links from untrusted sources, but input URLs manually in
    the address bar.

    PROVIDED AND/OR DISCOVERED BY:
    bitlance winter

    OTHER REFERENCES:
    SA11830:
    http://secunia.com/advisories/11830/


    regards.

    paul
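The advisory quoted above names wildcard DNS plus a server that accepts invalid values in the "Host:" header as the preconditions for the spoof. The following is an added example, not part of the original post or of the Secunia advisory, showing one way a site operator could refuse such requests; the function names, the `served_names` allowlist and the sample host strings in the comments are assumptions constructed for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphen; 1-63 chars; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def parse_host_header(value):
    """Return (host, port) for a well-formed Host value, else raise ValueError."""
    if not value or value != value.strip():
        raise ValueError("empty or padded Host value")
    host, port = value, None
    if value.startswith("["):                      # IPv6 literal, e.g. [::1]:8080
        end = value.find("]")
        if end == -1:
            raise ValueError("unterminated IPv6 literal")
        host, rest = value[1:end], value[end + 1:]
        ipaddress.IPv6Address(host)                # raises ValueError if malformed
        if rest:
            if not rest.startswith(":"):
                raise ValueError("junk after IPv6 literal")
            port = rest[1:]
    else:
        if ":" in value:
            host, port = value.rsplit(":", 1)
        name = host[:-1] if host.endswith(".") else host   # allow one trailing dot
        if not name or len(name) > 253:
            raise ValueError("bad host length")
        for label in name.split("."):
            # A slash, space or percent sign inside a label fails here
            # (constructed sample: "www.trusted.example/   .attacker.example").
            if not _LABEL.fullmatch(label):
                raise ValueError("invalid label %r" % label)
    if port is not None:
        if not (port.isascii() and port.isdigit()) or not 0 < int(port) < 65536:
            raise ValueError("bad port")
        port = int(port)
    return host.lower(), port


def is_acceptable_host(value, served_names):
    """True only for a syntactically valid Host naming a site we really serve."""
    try:
        host, _ = parse_host_header(value)
    except ValueError:
        return False
    # The allowlist also covers the wildcard-DNS case: a valid-looking but
    # unexpected subdomain is refused rather than served by a default vhost.
    return host.rstrip(".") in served_names
```

A front-end server or application middleware would call `is_acceptable_host()` on each request and answer 400 when it returns False.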
     