Firefox – Not so secure afterall !!!

<snip>

Mozilla Firefox URI filtering vulnerability

Mozilla Firefox does not filter input when sending certain URIs to registered protocol handlers. This may allow a remote, authenticated attacker to use Firefox as a vector for executing commands on a vulnerable system.
</snip>

In non-geeky words, if you are running Firefox 2.0.0.5 or below on Windows XP SP2 you are vulnerable for getting screwed up. Though its mentioned that you might be safe if you don’t have IE 7 installed however, why take chances. There is something you can do to be warned, if not becoming completely safe. You can enable warnings if you are trying to access an external URI. Just follow simple steps to get warned or completely shutdown accessing external URIs.

  1. Go to about:config of your Firefox.
  2. Search for “network.protocol-handler". You will get a bunch of which are configurations telling your Firefox how to handle various protocols.
  3. So now here are your options and you need to decide whether you wish to completely shutdown access to external URIs or wish to get warned every time you access an external protocol.
  • You decide to shutdown complete access to external protocols -
    Change default value of “network.protocol-handler.external-default" and network.protocol-handler.external.(protocol) to false for all protocols. For example, I made the following preference name “false” -
    network.protocol-handler.external-default
    network.protocol-handler.external.mailto
    network.protocol-handler.external.news
    network.protocol-handler.external.nntp
    network.protocol-handler.external.snews

or

  • You decide to be warned every time you access external protocols -
    Change default value of “network.protocol-handler.warn-external-default" and network.protocol-handler.warn-external.(protocol) to false for all protocols. For example, I made the following preference name “false” -
    network.protocol-handler.warn-external-default
    network.protocol-handler.warn-external.mailto
    network.protocol-handler.warn-external.news
    network.protocol-handler.warn-external.nntp
    network.protocol-handler.warn-external.snews

Simple enough? Right? This is just a mechanism to prevent yourself from being vulnerable and in any case you should upgrade to higher version of Firefox as soon as it is available.

Further research -

http://www.kb.cert.org/vuls/id/403150
http://xs-sniper.com/blog/2007/07/24/remote-command-execution-in-firefox-2005/
http://xs-sniper.com/blog/remote-command-exec-firefox-2005/
http://kb.mozillazine.org/Firefox_:_FAQs_:_About:config_Entries
https://bugzilla.mozilla.org/show_bug.cgi?id=389580
http://support.microsoft.com/kb/224816
http://en.wikipedia.org/wiki/Uniform_Resource_Identifier

Disclaimer: Though I have taken utmost care to post everything true to best of my knowledge and have tried them before posting it, but I can not and do not take responsibility of any harm done to your system in anyways. So try it at your risk!

P.S. – Above is an usual disclaimer for keeping me out of trouble from people who don’t take responsibilities for their actions and need a scapegoat every time they get screwed. A request to everyone, if you found it helpful please leave a comment.

About these ads

~ by ms on July 28, 2007.

One Response to “Firefox – Not so secure afterall !!!”

  1. This gm script at http://userscripts.org/scripts/show/10971 should fix that should remove %00’s

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
Follow

Get every new post delivered to your Inbox.

%d bloggers like this: