NilsC, posted March 9, 2005

This exploit affects Mozilla based browsers and versions listed:

Mozilla 1.7.x
Mozilla Firefox 0.x
Mozilla Firefox 1.x
Mozilla Thunderbird 0.x
Mozilla Thunderbird 1.x

Description: Eric Johanson has reported a security issue in Mozilla / Firefox / Camino / Thunderbird, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.

The problem is caused due to an unintended result of the IDN (International Domain Name) implementation, which allows using international characters in domain names. This can be exploited by registering domain names with certain international characters that resemble other commonly used characters, thereby causing the user to believe they are on a trusted site.

SECURITY TEST LINK HERE: paypal spoof. This link will bring you to Secunia's browser test page.

Read the security advisory here: http://secunia.com/advisories/14163/

Nils

-=Wrighty=-, posted March 9, 2005

Thanks for that NilsC, very helpful, I'll keep that in mind when signing up to anything etc.

vizskywalker, posted March 9, 2005

For those of you with Firefox, simply updating to version 1.01 fixes the problem. If you have version 1.0, a red arrow pointing up in a circle should appear on the toolbar towards the right side. If you click it, it will allow you to easily update.

spacewaste1405241471, posted March 9, 2005

Yeah, 1.01 fixed that problem because when I went to the test site it looked nothing like paypal.com.

chris1234, posted March 9, 2005

Thanks, very useful, does updated mine. Just a question, will the browser remember the site (when typing the address in the bar) (cos it brings up sites with the same name for speed?) Do you know what I mean to ask eh? I don't want it to remember the bad un!

chris

NilsC, posted March 9, 2005

Chris, if you type the URL you are using the character set that is default on your computer. This spoof is done by signing up a website using a different character set where the characters look the same but have a different ASCII value, so typing the URL is safe.

Nils
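
The look-alike characters described in the post above can be checked mechanically by listing each label's code points and its ASCII (`xn--`) form. This is an added example, not part of the original thread or of Mozilla's fix; the hostnames are constructed samples, and the script test (first word of the Unicode character name) is a simplifying assumption.

```python
import unicodedata

def script_of(ch):
    # Heuristic (assumption): first word of the Unicode name, e.g. LATIN, CYRILLIC.
    return unicodedata.name(ch, "UNKNOWN").split()[0]

def inspect_label(label):
    """Describe one DNS label in both its Unicode and ASCII (xn--) forms."""
    label = label.lower()
    if label.startswith("xn--"):
        # ACE label: recover the Unicode text an address bar could display.
        label = label[4:].encode("ascii").decode("punycode")
    non_ascii = [(ch, "U+%04X" % ord(ch), unicodedata.name(ch, "UNKNOWN"))
                 for ch in label if ord(ch) > 127]
    scripts = sorted({script_of(ch) for ch in label if ch.isalpha()})
    ace = label
    if non_ascii:
        # Only labels with non-ASCII characters get a punycode form.
        ace = "xn--" + label.encode("punycode").decode("ascii")
    return {"unicode": label, "ace": ace, "non_ascii": non_ascii,
            "scripts": scripts, "mixed_script": len(scripts) > 1}

def inspect_hostname(host):
    return [inspect_label(part) for part in host.rstrip(".").split(".")]

def is_lookalike_risk(host):
    """True if any label mixes scripts, the pattern behind this spoof."""
    return any(r["mixed_script"] for r in inspect_hostname(host))

# Constructed samples: the second uses U+0430 (Cyrillic a) for the Latin "a".
GENUINE = "example.test"
SPOOFED = "ex\u0430mple.test"

if __name__ == "__main__":
    for host in (GENUINE, SPOOFED):
        for r in inspect_hostname(host):
            print(r["ace"], r["scripts"], r["non_ascii"])
```

The two sample names render almost identically but differ in one code point, which the ASCII form and the script list both expose.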

saxsux, posted April 9, 2005

To be sure, you could just clear your history.

Trekkie101, posted April 9, 2005

Very old is this not. Fixed in the latest Firefox builds (and releases).