Full Disclosure mailing list archives
RE: Mozilla Firefox "Host:" Buffer Overflow Exploit
From: "Peter Kruse" <kruse () krusesecurity dk>
Date: Sun, 11 Sep 2005 10:24:06 +0200
Hi Skylined, Thanks for the heads up. Yes, certainly this is/was remotely exploitable. The good part is, that the Mozilla Team has released a "workaround"/security patch to fix this issue. They accomplish this by disabling IDN. The "What Firefox and Mozilla users should know about the IDN buffer overflow security issue" can be found at the following URL: https://addons.mozilla.org/messages/307259.html A patch for Mozilla Suite and Firefox users can be found here: http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.6/patches/307259 .xpi I can confirm that the fix plugs the hole. Regards Peter Kruse ________________________________ From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Berend-Jan Wever Sent: 10. september 2005 12:53 To: full-disclosure () lists grok org uk; bugtraq () securityfocus com; security () mozilla org Subject: [Full-disclosure] Mozilla Firefox "Host:" Buffer Overflow Exploit (Just a little heads up, no details or PoC attached) The security vulnerability in Mozilla FireFox reported by Tom Ferris is exploitable on Windows. I developed a working exploit that seems to be 100% stable, though I've only tested it on one system. The exploit will not be released publicly untill patches are out. On a side note: it took only about 3 hours and 30 minutes to develop the exploit, so I might not be the only one able to write it. Cheers, SkyLined -- Berend-Jan Wever <berendjanwever () gmail com> http://www.edup.tudelft.nl/~bjwever <http://www.edup.tudelft.nl/~bjwever> _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Mozilla Firefox "Host:" Buffer Overflow Exploit Berend-Jan Wever (Sep 10)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Przemyslaw Frasunek (Sep 10)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Paul (Sep 10)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Georgi Guninski (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Steve Friedl (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Georgi Guninski (Sep 11)
- <Possible follow-ups>
- RE: Mozilla Firefox "Host:" Buffer Overflow Exploit Peter Kruse (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Aviv Raff (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Georgi Guninski (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Aviv Raff (Sep 11)
- Message not available
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Ill will (Sep 11)
- Re: Mozilla Firefox "Host:" Buffer Overflow Exploit Daniel Veditz (Sep 13)
- RE: Mozilla Firefox "Host:" Buffer Overflow Exploit Larry Seltzer (Sep 14)