[Full-disclosure] Mozilla Firefox "Host:" Buffer Overflow Exploit
Peter Kruse
kruse at krusesecurity.dk
Sun Sep 11 09:24:06 BST 2005
Hi Skylined,
Thanks for the heads up.
Yes, certainly this is/was remotely exploitable. The good part is, that the
Mozilla Team has released a "workaround"/security patch to fix this issue.
They accomplish this by disabling IDN.
The "What Firefox and Mozilla users should know about the IDN buffer
overflow security issue" can be found at the following URL:
https://addons.mozilla.org/messages/307259.html
A patch for Mozilla Suite and Firefox users can be found here:
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.6/patches/307259
.xpi
I can confirm that the fix plugs the hole.
Regards
Peter Kruse
________________________________
From: full-disclosure-bounces at lists.grok.org.uk
[mailto:full-disclosure-bounces at lists.grok.org.uk] On Behalf Of Berend-Jan
Wever
Sent: 10. september 2005 12:53
To: full-disclosure at lists.grok.org.uk; bugtraq at securityfocus.com;
security at mozilla.org
Subject: [Full-disclosure] Mozilla Firefox "Host:" Buffer Overflow
Exploit
(Just a little heads up, no details or PoC attached)
The security vulnerability in Mozilla FireFox reported by Tom Ferris
is exploitable on Windows.
I developed a working exploit that seems to be 100% stable, though
I've only tested it on one system.
The exploit will not be released publicly untill patches are out.
On a side note: it took only about 3 hours and 30 minutes to develop
the exploit, so I might not be the only one able to write it.
Cheers,
SkyLined
--
Berend-Jan Wever <berendjanwever at gmail.com>
http://www.edup.tudelft.nl/~bjwever
<http://www.edup.tudelft.nl/~bjwever>
Full-Disclosure is hosted and sponsored by Secunia.