G33K [email protected] All your geek questions are belong to us.

 
LinkBack Thread Tools Display Modes
post #1 of 2 (permalink) Old 01-04-2008, 08:30 AM Thread Starter
doomsday machine
 
shagzomatic's Avatar
 
Join Date: Jun 2006
Location: Iowa
Posts: 3,971
   
new Firefox vulnerability

from /.:

Quote:
Aviv Raff, an Israeli researcher known for his work in hunting browser bugs, has revealed a Firefox spoofing vulnerability which could allow identity thieves to dupe users into giving up their password. According to Mr. Raff Firefox fails to sanitize single quotes and spaces in the 'Realm' value of an authentication header. Raff was quoted as saying 'This makes it possible for an attacker to create a specially crafted Realm value which will look as if the authentication dialog came from a trusted site.' This vulnerability was shown to be in the latest Firefox, version 2.0.0.11 and until Mozilla fixes this vulnerability Mr. Raff recommends in his blog 'not to provide username and password to Web sites which show this dialog.'
shagzomatic is offline  
Sponsored Links
Advertisement
 
post #2 of 2 (permalink) Old 01-04-2008, 10:04 AM
don't read this
 
rinn's Avatar
 
Join Date: Jun 2005
Location: Morrison, CO
Posts: 16,356
   
Send a message via AIM to rinn Send a message via Yahoo to rinn
That blows..


What dialog would websites show that we aren't supposed to provide info on..



Never pay again for live sex! | Hot girls doing naughty stuff for free! | Chat for free!


To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.

"I don't like your jerk off name, I don't like your jerk off face, I don't like your jerk off behavior, and I don't like you...... jerk off!"
To view links or images in signatures your post count must be 10 or greater. You currently have 0 posts.
rinn is offline  
Reply

Quick Reply
Message:
Options

Register Now



In order to be able to post messages on the Sport Bike Forum forums, you must first register.
Please enter your desired user name, your email address and other required details in the form below.

User Name:
Password
Please enter a password for your user account. Note that passwords are case-sensitive.

Password:


Confirm Password:
Email Address
Please enter a valid email address for yourself.

Email Address:
OR

Log-in










Thread Tools
Show Printable Version Show Printable Version
Email this Page Email this Page
Display Modes
Linear Mode Linear Mode



Similar Threads
Thread Thread Starter Forum Replies Last Post
Ubuntu Server and Firefox daotan G33K [email protected] 13 10-23-2007 07:16 PM
Firefox password vulnerability R1Budha G33K [email protected] 7 07-24-2007 08:16 AM
Windows vulnerability found in animated cursor handling shagzomatic G33K [email protected] 2 03-31-2007 09:05 AM
Firefox users dontpntpool G33K [email protected] 10 07-28-2006 10:29 PM
Firefox annoying new popups Belgium G33K [email protected] 16 09-07-2005 07:12 PM

Posting Rules  
You may post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

 
For the best viewing experience please update your browser to Google Chrome