Home
Home

Directory
Directory

Articles
Internet News
Security News
Ecommerce News
Domain News

Site Tools
Site Speed Test
Keyword Research
Resolve Hostname
DNS Tools
Register Domains
Affiliate Programs
Open Source

Shopping Carts
Cart Reviews
SSL Certificates

Enter your email address to subscribe to our updates:

Delivered by FeedBurner


Venue Charts
Channel Traffic Rankings
OAI Stock Quotes and Charts
eBay's Worst Feedback

Forum
Forum Home
TulipTools News
Advertising
Blogging
Computer Hardware
Domain Names
Ecommerce
Financing
Int'l Trading
Graphics and HTML
Internet Access
Legal Issues
Internet Business
Auction Sites
Classified Ad Sites
Fixed Price Venues
Operating Systems
Programming
Search Engines
Internet Security
Software
Web Hosting
Webmaster Issues
Reviews
Announcements
Off Topic Discussion

Web Hosting
TulipHosting

Domain Names
TulipDomains

Web Stats
TulipStats

Forum Rules
Forum Rules
Privacy Policy

Site Map
Forum Sitemap
Sitemap Topics




Directory| Forums| Internet News|Cart Reviews| DNS Tools| Keyword Research| Site Speed Test| Security| | Domain Marketplace| Domain Blog
TulipTools Internet Business Owners and Online Sellers Community
  • Home
  • Search
  • Member List
  • Calendar
Hello There, Guest! Login Register
TulipTools Internet Business Owners and Online Sellers Community › Operating Systems, Browsers, and Email Clients › Operating Systems, Browsers, and Email Clients and Services › Internet Browsers › Mozilla Browsers: Firefox, Mozilla, Netscape v
« Previous 1 2 3

Unpatched Firefox 1.5 exploit made public

  
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Threaded Mode | Linear Mode
Unpatched Firefox 1.5 exploit made public
12-09-2005, 11:25 AM,
Post: #1
mandy Offline
Administrator
*******
Posts: 9,932
Likes Given: 0
Likes Received: 6 in 5 posts
Joined: Feb 2011
Reputation: 0
Unpatched Firefox 1.5 exploit made public
Quote:Exploit code for the latest version of open-source browser Firefox was published Wednesday, potentially putting users at risk of a denial-of-service attack.

The exploit code takes advantage of a bug in the recently released Firefox 1.5, running on Windows XP with Service Pack 2...

The latest Firefox flaw exists in the history.dat file...
full article: http://news.com.com/Unpatched+Firefox+1....g=nefd.top

Quote:WORKAROUNDS:

However, the following is a workaround that should work (if it doesn't let me know).  Go to Tools -> Options.

Select the Privacy Icon, and then the History tab.  Set the number of days to save pages at 0.  This will disable writing anything to history.dat as far as I can tell, and should nullify the exploit

full article: http://isc.sans.org/diary.php?storyid=920
Like Post Reply
[+]
12-11-2005, 05:54 PM,
Post: #2
jezebel Offline
Tulip Fanatic
*******
Posts: 1,385
Likes Given: 0
Likes Received: 0 in 0 posts
Joined: Jul 2005
Reputation: 0
Re: Unpatched Firefox 1.5 exploit made public
Mozilla says its not a risk to users

Quote:Long-title temporary startup unresponsiveness

Web pages with extremely long titles (the posted proof of concept used 2.5 million characters) can cause Mozilla Firefox and the Mozilla Suite to appear to "hang" on startup when reading the browsing history data. The browser will eventually continue normally although this can take up to several minutes on a slower computer. The unresponsive starts will continue until the item with the long title is removed from the history file or eventually expires.

We have investigated this issue and can find no basis for claims that variants of this denial-of-service attack can cause an exploitable crash, and no evidence for this claim has been offered. There does not appear to be any risk to users or their computers beyond the temporary unresponsiveness at startup.

Should the user encounter this problem the slow starts can be fixed by deleting the item from history.
Deleting the item from history

  1. Open History from the Go menu
  2. Select the item with the long title
  3. Press the delete button

Clearing all history data

    * In Firefox 1.5
        1. Select "Clear Private Data" from the Tools menu
        2. Check the "Browsing History" box and press the "Clear Private Data Now" button
    * In Firefox 1.0 (also works in 1.5)
        1. Select "Options" from the "Tools" menu
        2. On the "Privacy" tab select "History"
        3. Press the Clear button in the History section
Like Post Reply
[+]
12-11-2005, 06:36 PM,
Post: #3
Nat Offline
Big Member
*****
Posts: 379
Likes Given: 0
Likes Received: 0 in 0 posts
Joined: Sep 2005
Reputation: 0
Re: Unpatched Firefox 1.5 exploit made public
One of the first things I did when I downloaded and installed Firefox 1.5 the other day was I went into Tools > Options > Privacy and I clicked the "Settings...." button for the Clear Private Data Tool and clicked the ones I want to clear and then I selected "Clear Private Data When Closing Firefox". 

This way all that I want deleted in the history, cookies, cache, etc is automatically deleted every time I close Firefox.  I haven't had any problems.
Like Post Reply
[+]
« Next Oldest | Next Newest »




Possibly Related Threads…
Thread Author Replies Views Last Post
  Firefox 3 handling of SSL certificates is bad for the Web mandy 0 2,204 08-04-2008, 01:28 PM
Last Post: mandy
  Mozilla Releases Firefox 3 mandy 21 9,576 06-13-2008, 12:09 PM
Last Post: mandy
  Study: Firefox and Opera Users Have Higher IQs Than Internet Explorer Users mandy 0 2,054 05-27-2008, 12:08 PM
Last Post: mandy
  Firefox: Faster Than a Speeding Bullet? BellisimaJ. 0 1,967 04-26-2008, 02:12 PM
Last Post: BellisimaJ.
  Flaw in how Firefox handles log-ons leaves passwords vulnerable to ID thieves mandy 0 2,047 01-05-2008, 10:34 AM
Last Post: mandy
  Mozilla announces Firefox for Mobiles Kristijntje 0 2,629 10-10-2007, 03:20 PM
Last Post: Kristijntje
  Why Firefox is Blocked BellisimaJ. 14 6,171 09-16-2007, 08:35 PM
Last Post: bargainbloodhound
  Password vulnerability in Firefox 2.0.0.5 mandy 0 2,193 07-24-2007, 09:24 AM
Last Post: mandy
  Firefox: 20 tweaks for speeding up page loads, reducing memory drain mandy 1 2,891 05-31-2007, 08:02 AM
Last Post: accentnepal
  Ten Firefox Extensions to Avoid: FasterFox, GreaseMonkey, NoScript, and more Kristijntje 1 4,448 05-28-2007, 01:07 PM
Last Post: BellisimaJ.

  • View a Printable Version
  • Send this Thread to a Friend
  • Subscribe to this thread
Forum Jump:


Users browsing this thread: 1 Guest(s)
  • Contact Us
  • TulipTools Internet Business Owners and Online Sellers Community
  • Return to Top
  • Lite (Archive) Mode
  • RSS Syndication
  • Help
Current time: 05-17-2022, 02:50 PM Powered By MyBB, © 2002-2022 MyBB Group. Theme created by Justin S.
powered by Apache

powered by Linuxpowered by CentOS

Copyright 2000-2013 TulipTools.com. All rights reserved.