Security News -  Security Reviews -   Exploits -  Tools -  UNIX Focus -  Windows Focus
SecuriTeam™  Beyond Security®  SecuriTeam™ Home  Ask the Team  Mailing Lists  Advertising Info  Blogs  Black Box Testing  Vulnerability Assessment  Vulnerability Scanner SecuriTeam™ in Your Inbox   E-mail this article to a friend New vulnerability? New tool? Tell us	Multiple Web Browsers Handling of Back Ticks Cause Command Execution 24 Nov. 2005    Summary The web browsers Mozilla Firefox, Mozilla Suite and Opera are vulnerable to local program execution allowing remote attackers to cause the program to execute arbitrary programs.   Credit: The information has been provided by Secunia . The original article can be found at: http://secunia.com/advisories/16869/ Mozilla Advisory can be found: http://www.mozilla.org/security/announce/mfsa2005-59.html Mozilla bugzilla report can be found: https://bugzilla.mozilla.org/show_bug.cgi?id=307185    Details Audit your web server for security holes - see what the hackers see. Sign up for a scan today - risk free! Vulnerable Systems:  * Mozilla Firefox version 1.0.6  * Mozilla Suite version 1.7.10  * Opera version 8 Immune Systems:  * Opera version 8.51  * Mozilla Firefox version 1.0.7  * Mozilla suite 1.7.12 By opening Mozilla Firefox, Mozilla Suite or the Opera browser with back ticks (`) chars, it is possible to execute arbitrary programs on Linux and UNIX based systems, with the privileges of the running user. Proof of Concept: Firefox: firefox http://local\`find\`host Mozilla Suite: mozilla http://local`df`host CVE Information: CAN-2005-2968 CERT Information: http://www.kb.cert.org/vuls/id/914681  Comments:  Add new comment:  Subject:  Name/Nick/Email:          Chars Left:	All Sections Security News Unix focus Exploits Tools Windows focus Security Reviews  Related Articles Apache HTTP Server mod_proxy_ftp Wildcard Characters Cross-Site Scripting Dreambox DM500 Webserver Long URL Request Denial of Service Multiple Vulnerabilities in AWStats Totals vBulletin Cross Site Scripting Vulnerability (popup) Calendarix Basic Two SQL Injection Vulnerabilities Multiple Heap Overflows in Xine-Lib OpenLDAP BER Decoding Remote DoS Vulnerability Vim Netrw FTP User Name and Password Disclosure Solaris snoop SMB Multiple Vulnerabilities Libxslt Heap-Based Buffer Overflow Apache Tomcat XSS Vulnerability Apple Mac OS X CoreGraphics PDF Type1 Font Integer Overflow Vulnerability Ingres Database for Linux Multiple Vulnerabilities SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability Asterisk IAX 'POKE' Resource Exhaustion  Featured Articles Microsoft ASP.NET ValidateRequest Filters Bypassing Allows XSS And HTML Injection Attacks vBulletin Cross Site Scripting Vulnerability (popup) Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass (MS08-043) MicroWorld MailScan - Multiple Vulnerabilities within Admin-Webinterface Sun xVM VirtualBox Privilege Escalation Vulnerability Vulnerabilities in DNS Allows Spoofing (MS08-037) Vulnerabilities in Microsoft SQL Server Allows Elevation of Privilege (MS08-040)
	Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus - Blogs - CVEs

Copyright © 1998-2008 Beyond Security® All rights reserved.
Terms of Use Site Privacy Statement.
SecuriTeam™ is a trademark of Beyond Security®