SANS ISC InfoSec Handlers Diary Blog



imap4d Vulnerability & Patch Released

Published: 2005-09-11
Last Updated: 2005-09-12 18:39:41 UTC
by Tony Carothers (Version: 3)
iDefense has disclosed a new vulnerability in GNU Mailutils. Mailutils is a collection of mail-related utilities; the vulnerability applies specifically to version 0.6 and the imap4d daemon. The exploit "could allow an authenticated attacker to execute arbitrary code." iDefense is also "unaware of any effective workaround for this issue".

Patch Link
http://savannah.gnu.org/patch/index.php?func=detailitem&item_id=4407

Vulnerability Link
http://www.idefense.com/application/poi/display?id=303

GNU Mailutils information
http://www.gnu.org/software/mailutils/mailutils.html


Tony Carothers
Handler on Duty

Firefox 1.5 beta 1 released

Published: 2005-09-12
Last Updated: 2005-09-12 15:14:44 UTC
by Tony Carothers (Version: 3)
You can get it here: Firefox 1.5 Beta 1

One of our readers, Matthew, submitted that there is a new version of Firefox available for download. The latest version of the Firefox web browser, 1.5, is out in beta 1. After personally installing it earlier today I have found it to be incredibly stable and feature rich. According to Mozilla, Firefox 1.5 beta 1 is still vulnerable to the IDN buffer overflow vulnerability published on Sep. 8th. It is highly recommended that all users take the steps indicated in the link below to secure against this vulnerability.

Patch information
https://addons.mozilla.org/messages/307259.html


Tony Carothers
Handler on Duty


Netscape URL Domain Name Buffer Overflow

Published: 2005-09-11
Last Updated: 2005-09-11 00:37:23 UTC
by Koon Yaw Tan (Version: 2)
Netscape suffers from a URL Domain Name Buffer Overflow similar to the one in Firefox. The vulnerability has been confirmed in versions 8.0.3.3 and 7.2. Other versions may also be affected. Currently there is no solution available other than not browsing untrusted websites. You can read the details at Secunia.

[Update 1]
The following workaround for this issue was contributed by Juha-Matti:

The manual about:config method for disabling IDN support also works fully in Netscape Browser 8 (the newest version, 8.0.3.3, was tested) due to the same Firefox codebase.

Netscape 8 has the same about:config preference "network.enableIDN" in use and the same Filter dialog box when searching for the exact preference name. An xpi patch file is not intended for Netscape, because it will modify the UA string directly (adding "no IDN").

Instructions (same as Mozilla.org FF/Mozilla):
1. Type about:config into the address field and hit Enter.
2. In the Filter toolbar, type network.enableIDN.
3. Right click on the network.enableIDN item and select Toggle to change value to false.
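
An added example, not part of the diary or of Juha-Matti's contribution: a Python check that the workaround above has actually been applied in each profile, assuming preferences are stored in Mozilla-style prefs.js and user.js files. The profiles root given on the command line and the sample file contents are assumptions, as is treating an unset preference as the default (IDN enabled).

```python
import re
import sys
from pathlib import Path

PREF = "network.enableIDN"
# Matches an active line such as: user_pref("network.enableIDN", false);
# Lines that start with // or # (comments) do not match.
PREF_RE = re.compile(
    r'^\s*user_pref\(\s*"' + re.escape(PREF) + r'"\s*,\s*(true|false)\s*\)\s*;')

def pref_value(text):
    """Last active setting of the pref in one file: True, False, or None if absent."""
    value = None
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:
            value = m.group(1) == "true"
    return value

def idn_enabled(prefs_js="", user_js=""):
    """Effective state for a profile. user.js is applied over prefs.js at startup."""
    for text in (user_js, prefs_js):
        value = pref_value(text)
        if value is not None:
            return value
    return True  # assumption: an unset pref means the default, IDN enabled

def audit_profiles(root):
    """Map every directory under root that holds a prefs.js to its effective IDN state."""
    results = {}
    for prefs in sorted(Path(root).rglob("prefs.js")):
        user = prefs.with_name("user.js")
        results[str(prefs.parent)] = idn_enabled(
            prefs.read_text(errors="replace"),
            user.read_text(errors="replace") if user.is_file() else "")
    return results

# Constructed sample file contents, not taken from a real profile.
SAMPLE_FIXED = ('# Mozilla User Preferences\n'
                'user_pref("browser.startup.homepage", "about:blank");\n'
                'user_pref("network.enableIDN", false);\n')
SAMPLE_UNSET = 'user_pref("browser.startup.homepage", "about:blank");\n'
SAMPLE_COMMENTED = '// user_pref("network.enableIDN", false);\n'

if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else "."  # hypothetical profiles root
    for profile, enabled in audit_profiles(root).items():
        print("STILL ENABLED" if enabled else "disabled     ", profile)
```

A profile reported as STILL ENABLED either never had the preference toggled or has a user.js that sets it back to true on every start.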
