It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
Firefox Spoofing Bug Puts Passwords At Risk Firefox Spoofing Bug Puts Passwords At Risk
FAQ Members List Calendar Search Today's Posts Mark Forums Read


Firefox Spoofing Bug Puts Passwords At Risk
Reply
 
Thread Tools
Old 4th January 2008, 17:25   #1
Madshrimp
 
jmke's Avatar
 
Join Date: May 2002
Location: 7090/Belgium
Posts: 79,001
jmke has disabled reputation
Default Firefox Spoofing Bug Puts Passwords At Risk

Aviv Raff, an Israeli researcher known for his work in hunting browser bugs, has revealed a Firefox spoofing vulnerability which could allow identity thieves to dupe users into giving up their password. According to Mr. Raff Firefox fails to sanitize single quotes and spaces in the 'Realm' value of an authentication header. Raff was quoted as saying 'This makes it possible for an attacker to create a specially crafted Realm value which will look as if the authentication dialog came from a trusted site.' This vulnerability was shown to be in the latest Firefox, version 2.0.0.11 and until Mozilla fixes this vulnerability Mr. Raff recommends in his blog 'not to provide username and password to Web sites which show this dialog.'

http://www.pcworld.com/article/id,14...1/article.html
__________________
jmke is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Firefox master password recovery tool jmke WebNews 0 2nd September 2009 11:40
Time to check your WPA/WPA2 WLAN Passwords jmke WebNews 0 17th January 2009 13:49
Next Firefox 3.1 Beta Date Announced jmke WebNews 0 5th August 2008 21:25
IE flaw puts Windows XP SP2 at risk Sidney WebNews 3 6th February 2007 17:25
Bug fixes lead to Firefox 2 RC3 jmke WebNews 0 18th October 2006 07:51
Firefox 1.0.2 Released jmke WebNews 1 17th April 2005 21:16
Mozilla and Firefox flaws exposed jmke WebNews 0 7th January 2005 13:12

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


All times are GMT +1. The time now is 22:48.


Powered by vBulletin® - Copyright ©2000 - 2019, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO