查看: 1985|回復: 2

[轉貼] Mozilla 和 Firefox 有漏洞囉!!

[複製鏈接]

Katsuya

40 主題	0 好友	912 積分

該用戶從未簽到

文章: 929

發消息

電梯直達

1^#

發表於 2005-2-17 21:05 |只看該作者 |倒序瀏覽

轉自老神
詳情: http://secunia.com/advisories/14163/

Mozilla Products IDN Spoofing Security Issue

SECUNIA ADVISORY ID:
SA14163

發佈日期:
2005-02-07

最新更新:
2005-02-14

VERIFY ADVISORY:
http://secunia.com/advisories/14163/

嚴重性:
Moderately critical

WHERE:
From remote

作用:
Spoofing

受影響程式:
Mozilla 1.7.x
Mozilla Firefox 0.x
Mozilla Firefox 1.x
Mozilla Thunderbird 0.x
Mozilla Thunderbird 1.x

DESCRIPTION:
Eric Johanson has reported a security issue in Mozilla / Firefox / Camino / Thunderbird, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.

The problem is caused due to an unintended result of the IDN (International Domain Name) implementation, which allows using international characters in domain names.

This can be exploited by registering domain names with certain international characters that resembles other commonly used characters, thereby causing the user to believe they are on a trusted site.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_idn_spoofing_test/
(點選這個連接去測試看看你的瀏覽器會不會被騙)

The issue has been confirmed in Mozilla 1.7.5, Firefox 1.0 and Thunderbird 1.0. Other versions may also be affected.

解決方法:
不要點選來歷不明的網頁上的連接（這..）.
自己手動輸入連接 - （真累！）

淘帖0 分享0 收藏0 頂0 踩0

回復

使用道具舉報

stelin21

577 主題	0 好友	2423 積分

TA的每日心情

	無聊 2021-12-14 14:52

簽到天數: 64 天

連續簽到: 1 天

[LV.6]常住居民II

文章: 3385

發消息

2^#

發表於 2005-2-17 21:57 |只看該作者

Re: [轉貼] Mozilla 和 Firefox 有漏洞囉!!

Originally posted by Katsuya at 2005-2-17 09:05 PM:
受影響程式:
Mozilla 1.7.x
Mozilla Firefox 0.x
Mozilla Firefox 1.x
Mozilla Thunderbird 0.x
Mozilla Thunderbird 1.x

其實Mac上的safari也有受到影響
opera跟Netscape也是....
其他的...上述的網頁還有提到