On Wed, 16 Feb 2005 08:22:51 -0500
"Scot L. Harris" <webid@xxxxxxxxxx> wrote:
> On Tue, 2005-02-15 at 22:41, jdow wrote:
> > From: "jdow" <jdow@xxxxxxxxxxxxx>
> > > From: "Jeff Vian" <jvian10@xxxxxxxxxxx>
> > > > On Tue, 2005-02-15 at 17:13 -0800, jdow wrote:
> > > > > From: "David Curry" <dsccable@xxxxxxxxxxx>
> > > > >
> > > > >
> > > > > > jdow wrote:
> > > > > >
> > > > > > >Of course you do know of the recent exploits found for
> > > > > > >Mozilla,
> > > aren't
> > > > > > >you, Brian? What's this "No antivirus needed" I hear about
> > > > > > >for
> > Linux?
> > > > > > >
> > > > > > >{^_-} The quibbler.
> > > > > > >
> > > > > > >
> > > > > > "Recent exploits found for Mozilla" is news here. Care to
> > > > > > elaborate
> > > or
> > > > > > point me in the right direction?
> > > > >
> > > > > Ran across it in the Dartmouth IRIA news summaries yesterday.
> > > > > It's scrolled off. It appears to affect the core of Mozilla so
> > > > > it affects FireFox as well. It should appear in the CERT
> > > > > advisories.
> > > > >
> > > > > It appears Mozilla is getting more attention from crackers now
> > > > > that it is starting to command a noticeable market share. It's
> > > > > a matter of time before more serious items appear. Of course,
> > > > > without things like ActiveX it's a little harder to mash a
> > > > > Linux machine than a Windows machine.
> > > > >
> > > > > {^_^}
> >
> > They had another reference today - it was a spyware application. If
> > a spyware can be tossed onto the machine then a rootkit can, also.
> >
> > http://news.com.com/Spyware+takes+aim+at+Mozilla+browsers/2100-7349_3-5569635.html
> >
> > {^_^}
>
> The recent exploit I read about was used more in phishing scams. They
> used the internationalization features to display certificates and
> prompts that looked like they came from legit sources so the users
> would click on them.
>
> The article above did not go into much detail but sounds like it is a
> combination of the exploit which gets the users to click on accepting
> a download of a program.
No, not really the downloading of a program. Rather, to get you to click
to go to a web site that will look just like Citibank or Amex so that
you enter confidential info that will then be recorded.
>From what I understand, Mozilla will now ship with the
internationalization features turned off by default. The article you
were referring to (worth reading!) was publicised on Slashdot:
http://slashdot.org/article.pl?sid=05/02/15/1922215&tid=154&tid=1
cheers,
Robert
