Firefox Vulnerability - Highly Critical - How can N.S help?
How can NoScript help with this vulnerability in Firefox? http://secunia.com/advisories/41095
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
Don't know that there's anything for NoScript to do in this case.
http://www.dslreports.com/forum/r247129 ... ows-Applic
http://www.dslreports.com/forum/r247095 ... vulnerable
http://www.dslreports.com/forum/r247079 ... ws-DLL-bug
http://www.dslreports.com/forum/r247028 ... -patch-out
http://support.microsoft.com/kb/2264107
Worst part is, you or I don't know what to do about this. We may read the links or read the KB but still we don't understand enough to make an intelligent decision.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.11) Gecko/20100701 SeaMonkey/2.0.6
- Posts: 3
- Joined: Thu Aug 26, 2010 9:22 pm
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
It would be very difficult to exploit, as from what I'm seeing, you need to have IE go to the site to initiate a share, and then open the HTML (in the share) inside Firefox to exploit it. Basically you need user interaction, and it cannot be exploited using simple HTML (although idk if this can be exploited by automation à la JavaScript, but then you see that NoScript stops it). Basically, unless you are in a corporate setting, you shouldn't worry; as long as you take care in what you click in IE (and IE Tab, as it is exploitable too), you should be fine.
Mozilla/5.0 (Windows NT 6.1; rv:2.0b5pre) Gecko/20100824 Minefield/4.0b5pre
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
darkassain wrote:
> It would be very difficult to exploit, as from what I'm seeing, you need to have IE go to the site to initiate a share, and then open the HTML (in the share) inside Firefox to exploit it. Basically you need user interaction, and it cannot be exploited using simple HTML (although idk if this can be exploited by automation à la JavaScript, but then you see that NoScript stops it). Basically, unless you are in a corporate setting, you shouldn't worry; as long as you take care in what you click in IE (and IE Tab, as it is exploitable too), you should be fine.
What about using a USB drive? As I understood it, you are vulnerable if you have one plugged in.
http://www.networkworld.com/news/2010/0 ... ml?hpg1=bn
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
- Giorgio Maone
- Site Admin
- Posts: 9454
- Joined: Wed Mar 18, 2009 11:22 pm
- Location: Palermo - Italy
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
Keep Firefox running until you get updated to next Firefox version (which will contain a fix).
Firefox cannot be exploited while it's already running (you must open a malicious document causing Firefox to be started from the same directory, for the exploit to work).
Mozilla/5.0 (Windows; U; Windows NT 5.2; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
- Ambassador
- Posts: 1586
- Joined: Fri Mar 20, 2009 4:47 am
- Location: Colorado, USA
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
If keeping Firefox running until the next Firefox release -- currently scheduled for September 7 -- isn't practical, you can work around the vulnerability by starting Firefox from the Firefox icon instead of starting it by clicking on a link or malicious document.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
The new MS patch with CWDIllegalInDllSearch=2 prevents the loading of DLLs by local apps from remote CWDs (current working directories). But the safest solution which covers all potential vulnerabilities in this class is to completely block transparent file system access over the internet.
The following applies specifically to XP, but probably to newer Windows as well.
There are two Windows components that allow transparent folder (UNC) access to remote untrusted resources:
- Client for Microsoft Networks (SMB over TCP/UDP, port 445 & SMB over NetBIOS over TCP/UDP, ports 137-139). Client for Microsoft Networks can either be completely disabled (properties of the connection), or if needed for LAN sharing, either the router or local firewall can be configured to block outgoing TCP/UDP ports 137-139, 445 to the internet.
- WebClient service (WebDAV protocol over HTTP) - can be disabled through services.msc
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
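The three mitigations listed in the post above (the CWDIllegalInDllSearch value, the WebClient service, and blocking outbound SMB/NetBIOS ports to the internet) can be checked and applied from one script. This is an added example, not part of the original post: it assumes an elevated prompt on Windows 8 / Server 2012 or later (for the firewall cmdlets), a system where the KB 2264107 registry value is honoured, and a firewall rule name invented for the example.

```powershell
# Added example: report, and with -Apply set, the three mitigations from the post.
param([switch]$Apply)

$smKey    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$ruleName = 'Example - block outbound SMB/NetBIOS to Internet'   # hypothetical name

# 1. CWDIllegalInDllSearch (KB 2264107), system-wide value.
#    2 = do not load DLLs from the current directory when it is remote (UNC or WebDAV).
$cwd = (Get-ItemProperty -Path $smKey -Name CWDIllegalInDllSearch `
            -ErrorAction SilentlyContinue).CWDIllegalInDllSearch

# 2. WebClient service (the WebDAV redirector).
$web = Get-CimInstance Win32_Service -Filter "Name='WebClient'"

# 3. Outbound block rule for TCP/UDP 137-139 and 445, looked up by the example name.
$rule = Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue

# Current state, emitted before anything is changed.
[pscustomobject]@{
    CWDIllegalInDllSearch = if ($null -eq $cwd) { 'not set' } else { $cwd }
    WebClientStartMode    = if ($web) { $web.StartMode } else { 'not installed' }
    WebClientState        = if ($web) { $web.State } else { 'n/a' }
    OutboundBlockRule     = [bool]$rule
}

if ($Apply) {
    New-ItemProperty -Path $smKey -Name CWDIllegalInDllSearch `
        -PropertyType DWord -Value 2 -Force | Out-Null

    if ($web) {
        Stop-Service -Name WebClient -Force -ErrorAction SilentlyContinue
        Set-Service  -Name WebClient -StartupType Disabled
    }

    if (-not $rule) {
        # The "Internet" address keyword leaves LAN file sharing untouched.
        foreach ($proto in 'TCP', 'UDP') {
            New-NetFirewallRule -DisplayName $ruleName -Direction Outbound -Action Block `
                -Protocol $proto -RemotePort '137-139', '445' `
                -RemoteAddress Internet | Out-Null
        }
    }
}
```

Run it once without `-Apply` to see the current state, and again after applying to confirm that the value reads 2, the service start mode is Disabled and the rule is present.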
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
> you need to have IE
Wrong.
VLC media player & μTorrent (are at least two applications that) have fixed things on their ends.
When MS first published KB 2264107, the downloads were considered non-critical & you needed to verify authenticity first.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; rv:2.0b5pre) Gecko/20100826 SeaMonkey/2.1b1pre
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
A general solution against this type of attack is presented here. The same can be accomplished with AppLocker instead of SRP.
Mozilla/5.0 (X11; U; Linux x86_64; de-DE; rv:1.9.2.10pre) Gecko/20100828 Ubuntu/10.04 (lucid) Namoroka/3.6.10pre
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
(tlu, are you the tlu of SuRun, SUDO?)
How to Delete a Software Restriction Policy (SRP)?
W7: Lets Talk Standard User (Limited) vs Administrator
http://www.dslreports.com/forum/r24723349-
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; rv:2.0b5pre) Gecko/20100826 SeaMonkey/2.1b1pre
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
therube wrote:
> (tlu, are you the tlu of SuRun, SUDO?)
I confess
Mozilla/5.0 (X11; U; Linux x86_64; de-DE; rv:1.9.2.10pre) Gecko/20100828 Ubuntu/10.04 (lucid) Namoroka/3.6.10pre
- Posts: 3
- Joined: Thu Aug 26, 2010 9:22 pm
Re: Firefox Vulnerability - Highly Critical - How can N.S hel
therube wrote:
> > you need to have IE
> Wrong.
> VLC media player & μTorrent (are at least two applications that) have fixed things on their ends.
> When MS first published KB 2264107, the downloads were considered non-critical & you needed to verify authenticity first.
If you read my whole post you would have found out that IE is needed to initiate a WebDAV share.
Whether or not VLC or μTorrent are patched or not does not pertain to the topic which you brought up, which is how the exploit is initiated, through a shared folder, of which you can only initiate through IE...
Mozilla/5.0 (Windows NT 5.2; rv:2.0b5pre) Gecko/20100830 Firefox/4.0b5pre