Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
02-19-2010, 11:37 PM,
#1
Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
Original URL: http://www.theregister.co.uk/2010/02/18/firefox_zero_day_report/
Attack code for Firefox zero-day goes wild, says researcher

Black hats, take note

By Dan Goodin in San Francisco

Posted in Security, 18th February 2010 21:16 GMT

A Russian security researcher on Thursday said he has released attack code that exploits a critical vulnerability in the latest version of Mozilla's Firefox browser.

The exploit - which allows attackers to remotely execute malicious code on end user PCs - triggers a heap corruption vulnerability in the popular open-source browser, said Evgeny Legerov, founder of Moscow-based Intevydis. He recently added it as a module to Vulndisco, an add-on to the Immunity Canvas (http://www.immunitysec.com/products-canvas.shtml) automated exploitation system sold to security professionals.

"We've played a lot with it in our labs - it was very reliable," Legerov wrote in an email to The Reg. "Works against the default install of Firefox 3.6. We've tested it on XP and Vista."

The report comes as Mozilla pushed out a Firefox update that tackles three critical vulnerabilities (http://www.theregister.co.uk/2010/02/18/firefox_update/) in version 3.5.7. One of those bugs is also described as a heap corruption vulnerability, but Legerov said the flaw is different from the one his code exploits.

Mozilla issued a statement that read in part: "Mozilla takes all security vulnerabilities seriously, and have as yet been unable to confirm the claim of an exploit. We value the contributions of all security researchers and encourage them to work within our security process, responsibly disclosing vulnerabilities to ensure the highest level of security and best outcome for users."

Legerov said his firm does not provide advanced notification to software makers under an arrangement often referred to as responsible disclosure.

If Legerov's claim pans out, it would be one of the few times in recent memory that a zero-day vulnerability for Firefox has circulated in the wild. While the exploit is currently available only to those who pay a hefty licensing fee, wider circulation can't be far behind. This story will be updated as more is learned.

More about the bug is here (https://forum.immunityinc.com/board/thread/1161/vulndisco-9-0/) and here (http://secunia.com/advisories/38608/). ®

This story was updated to correct an inaccuracy about the availability of Immunity Canvas.
02-20-2010, 12:13 AM,
#2
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
NoScript to the rescue! http://noscript.net/

...at least I hope so... Umm
“Today’s scientists have substituted mathematics for experiments, and they wander off through equation after
equation, and eventually build a structure which has no relation to reality. ” -Nikola Tesla

"When the power of love overcomes the love of power the world will know peace." -Jimi Hendrix
02-20-2010, 12:26 AM,
#3
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
it only attacks windoze OS's...
linux anyone?
02-20-2010, 12:53 AM,
#4
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
(02-20-2010, 12:26 AM)h3rm35 Wrote: linux anyone?

I would more but it doesn't support my hardware correctly. There are drawbacks to the less traveled road.
02-20-2010, 01:21 AM,
#5
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
Which hardware? Everything that I've plugged in has been supported with fewer issues than windoze... I never need to install drivers.
02-20-2010, 01:35 AM,
#6
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
ATI video cards. Even with the proprietary drivers from ATI, video hardware acceleration does not work. I've tried every driver available including compiling my own and still no hardware acceleration. Works in Windows just fine but not in any linux distro I've tried, which has been probably 10 so far.
02-20-2010, 01:50 AM,
#7
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
well that's unfortunate... have you tried Ubuntu Ultimate Edition gamer's versions?
02-20-2010, 02:12 AM,
#8
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
I haven't tried the gamers edition, but I have tried at least 3 of the UE's. It's not gaming acceleration, at least I haven't even gotten to that level to know yet. I'm still unable to get proper hardware acceleration of HD format video in either 1080p or 720p. There are still issues with proper display of non HD content as well. I've given up trying to solve it as it's been a 2 year issue at this point.
02-20-2010, 03:17 AM,
#9
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
https://launchpad.net/envy
“Everything Popular Is Wrong” - Oscar Wilde
02-20-2010, 03:25 AM,
#10
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
Thanks for the link but Envy doesn't help. It was one of the first things I tried. I think the problem lies with ATI's proprietary drivers and having an AGP version of their card. I've not found any instance of folks being able to solve my problem. When posts are made with the same problems I have, they remain unanswered and unsolved.
02-20-2010, 06:50 AM,
#11
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
AGP? Ouch! Time for a major upgrade!
02-20-2010, 07:00 AM,
#12
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
Tell me about it.... Sad
Doesn't seem to be in the cards in the foreseeable future as I'm doing good just to stay out of the clink.
I'm open for all donations, however. Tongue
02-20-2010, 11:00 AM,
#13
RE: Attack code for Firefox zero-day goes wild, says researcher. Black hats, take note
Dude, even stuff people throw in the trash has PCI-X