|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[SA14163] Mozilla / Firefox / Camino IDN Spoofing Security Issue
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Mon Feb 07 2005 - 08:36:53 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Mozilla / Firefox / Camino IDN Spoofing Security Issue
SECUNIA ADVISORY ID:
SA14163
VERIFY ADVISORY:
http://secunia.com/advisories/14163/
CRITICAL:
Moderately critical
IMPACT:
Spoofing
WHERE:
From remote
SOFTWARE:
Mozilla 1.7.x
http://secunia.com/product/3691/
Mozilla Firefox 0.x
http://secunia.com/product/3256/
Mozilla Firefox 1.x
http://secunia.com/product/4227/
DESCRIPTION:
Eric Johanson has reported a security issue in Mozilla / Firefox /
Camino, which can be exploited by a malicious web site to spoof the
URL displayed in the address bar, SSL certificate, and status bar.
The problem is caused due to an unintended result of the IDN
(International Domain Name) implementation, which allows using
international characters in domain names.
This can be exploited by registering domain names with certain
international characters that resembles other commonly used
characters, thereby causing the user to believe they are on a trusted
site.
Secunia has constructed a test, which can be used to check if your
browser is affected by this issue:
http://secunia.com/multiple_browsers_idn_spoofing_test/
The issue has been confirmed in Mozilla 1.7.5 and Firefox 1.0. Other
versions may also be affected.
SOLUTION:
Disable IDN support by setting network.enableIDN to "false".
Don't follow links from untrusted sources.
Manually type the URL in the address bar.
PROVIDED AND/OR DISCOVERED BY:
Originally described by:
Evgeniy Gabrilovich and Alex Gontmakher
Reported by:
Eric Johanson
ORIGINAL ADVISORY:
http://www.shmoo.com/idn/homograph.txt
OTHER REFERENCES:
The Homograph Attack:
http://www.cs.technion.ac.il/~gabr/papers/homograph.html
ICANN paper on IDN Permissible Code Point Problems:
http://www.icann.org/committees/idn/idn-codepoint-paper.htm
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]