May 10 2005

Exploit code chases two Firefox flaws

Category: .security | Amit Bahree @ 5:12 pm

Two vulnerabilities in the popular Firefox browser have been rated “extremely critical” because exploit code is now available to take advantage of them. The cross-site scripting and remote system access flaws were discovered in Firefox version 1.0.3, but other versions may also be affected, said security company Secunia, which issued the ratings Sunday. One flaw involves “IFRAME” JavaScript URLs, which are not properly protected from being executed in the context of another URL in the history list. A second vulnerability exists in the IconURL parameter in InstallTrigger.install(). Information passed to this parameter is not properly verified before it’s used, allowing an attacker to gain user privileges. This flaw could allow an attacker to gain and escalate user privileges on a system.

You can disable JavaScript as a workaround for now, but when a patch is released, I guess I would need to reinstall this all over again. *sigh*. And everyone says (including me) that this is more secure than IE. You can read the details here.

Update: You can get more information about the bug and the workaround from Mozilla here.



Apr 14 2005

Identity theft – done *legally* by cops…

Category: .security | Amit Bahree @ 8:58 pm

Got this via internal communities at Avanade. Seems like in Ohio it is legal for cops to steal someone else’s identity as long as it is part of an investigation without your consent – quite scary I think.



Apr 14 2005

WEP Dead Again?

Category: .security | Amit Bahree @ 7:35 pm

SecurityFocus has a two-part article that looks at the new generation of WEP cracking tools for WiFi networks, which offer dramatically faster speeds for penetration testers over the previous generation of tools. In many cases, a WEP key can be determined in seconds or minutes. Part one compares the latest KoreK-based tools that perform passive statistical analysis and brute-force cracking on a sample of collected WEP traffic. Part two looks at active attack vectors, including a method to dramatically increase the rate of packet collection to make statistical attacks even more potent.

On August 8th, 2004, a hacker named KoreK posted new WEP statistical cryptanalysis attack code (soon to become a tool called chopper) to the NetStumbler forums. While chopper is functional, it is not currently maintained, and the attacks have since seen better implementations in aircrack and WepLab. However, the KoreK attacks change everything. No longer are millions of packets required to crack a WEP key; no longer does the number of obviously “weak” or “interesting” IVs matter. With the new attacks, the critical ingredient is the total number of unique IVs captured, and a key can often be cracked with hundreds of thousands of packets, rather than millions.

One of the tools discussed is aircrack. Implementing KoreK’s attacks as well as improved FMS, aircrack provides the fastest and most effective statistical attacks available. To give aircrack a try, simply collect as many packets as possible from a WEP-encrypted wireless network, save them as a pcap file, and then start aircrack from the command line.


