-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
You're right about the "I'm feeling luky". That's exactly what happens.
Firefox uses google "I'm feeling lucky" feature with the word "primein"
as the search string. This causes firefox to go to the first result of
the search. The first result is that .DOC file. With me, it asks me if I
want to open it or save it (in Linux). So I guess that behavior was set
by you. You have firefox configured to automatically open .DOC files.
Edwin Davidson wrote:
| Hopefully I am mistaken, but I believe this is a security concern.
|
| In Firefox .9.3 for Windows, when I type in the address line
|
| primein
|
| and press enter, Firefox automatically opens up a .DOC file named
| tow_log.doc.
|
| I have OpenOffice installed, however the experiences I have had with
| viruses in .DOC files would cause me to be concerned about FIREFOX
| automatically opening up a .DOC file without prompting me.
|
| The captured packed is shown below. This is as a result of FIREFOX
| doing a "Feeling lucky" query to Google, which is the second packet
| shown below.
|
| Edwin Davidson
|
| 0000 00 60 97 1d a1 68 00 0d 88 20 65 40 08 00 45 10 .`...h.. .
| [EMAIL PROTECTED]
| 0010 01 d7 66 d6 00 00 32 06 5e cf d8 ef 27 68 c0 a8 ..f...2.
| ^...'h..
| 0020 00 6c 00 50 05 f1 b2 6e eb 31 bc fb 9c e0 50 18 .l.P...n
| .1....P.
| 0030 7f b8 6d 6a 00 00 48 54 54 50 2f 31 2e 31 20 33 ..mj..HT
| TP/1.1 3
| 0040 30 32 20 46 6f 75 6e 64 0d 0a 4c 6f 63 61 74 69 02 Found
| ..Locati
| 0050 6f 6e 3a 20 68 74 74 70 3a 2f 2f 77 77 77 2e 63 on: http
| ://www.c
| 0060 73 75 70 6f 6d 6f 6e 61 2e 65 64 75 2f 7e 62 62 supomona
| .edu/~bb
| 0070 72 6f 77 6e 2f 53 41 53 5f 53 74 75 66 66 2f 74 rown/SAS
| _Stuff/t
| 0080 6f 77 5f 6c 6f 67 2e 64 6f 63 0d 0a 43 6f 6e 74 ow_log.d
| oc..Cont
| 0090 65 6e 74 2d 54 79 70 65 3a 20 74 65 78 74 2f 68 ent-Type :
| text/h
| 00a0 74 6d 6c 0d 0a 53 65 72 76 65 72 3a 20 47 57 53 tml..Ser ver:
| GWS
| 00b0 2f 32 2e 31 0d 0a 54 72 61 6e 73 66 65 72 2d 45 /2.1..Tr
| ansfer-E
| 00c0 6e 63 6f 64 69 6e 67 3a 20 63 68 75 6e 6b 65 64 ncoding:
| chunked
| 00d0 0d 0a 43 6f 6e 74 65 6e 74 2d 45 6e 63 6f 64 69 ..Conten
| t-Encodi
| 00e0 6e 67 3a 20 67 7a 69 70 0d 0a 44 61 74 65 3a 20 ng: gzip
| ..Date:
| 00f0 53 75 6e 2c 20 32 39 20 41 75 67 20 32 30 30 34 Sun, 29 Aug
| 2004
| 0100 20 31 33 3a 35 33 3a 35 37 20 47 4d 54 0d 0a 43 13:53:5 7
| GMT..C
| 0110 61 63 68 65 2d 43 6f 6e 74 72 6f 6c 3a 20 70 72 ache-Con
| trol: pr
| 0120 69 76 61 74 65 2c 20 78 2d 67 7a 69 70 2d 6f 6b ivate, x
| -gzip-ok
| 0130 3d 22 22 0d 0a 0d 0a 61 38 0d 0a 1f 8b 08 00 00 =""....a
| 8.......
| 0140 00 00 00 02 ff 4c 8e bb 0e 82 30 18 85 f7 26 bc .....L..
| ..0...&.
| 0150 43 c3 03 f4 f7 b2 99 df 26 35 60 6a 02 31 91 2e C.......
| &5`j.1..
| 0160 4e 04 a1 d8 41 28 81 d6 6e 3e bb 20 8b e3 b9 e4 N...A(.. n>.
| ....
| 0170 7c 07 a5 ca 33 8e 32 15 09 47 75 51 59 ca f7 9b |...3.2.
| .GuQY...
| 0180 1d cd ed 5b 37 08 ab 81 b0 c6 a7 6b 72 e7 04 e5 ...[7...
| ...kr...
| 0190 f6 bf 32 2b a2 8c a6 8d ad 7d a7 7b 47 4d 35 d1 ..2+....
| .}.{GM5.
| 01a0 6e c9 08 0a 2a 6f e9 f9 18 1b e7 86 03 40 08 81 n...*o..
| [EMAIL PROTECTED]
| 01b0 d5 93 1f 6c 67 fb 8a e9 c6 c3 e7 f1 18 6d e8 a1 ...lg...
| .....m..
| 01c0 10 45 59 38 df b6 e0 6c 28 5f f6 c9 e6 b9 98 1b .EY8...l
| (_......
| 01d0 3d 6a 04 c1 59 44 10 7e f4 99 b7 fc 8d c8 17 00 =j..YD.~
| ........
| 01e0 00 ff ff 0d 0a .....
|
|
|
|
| 0000 00 0d 88 20 65 40 00 60 97 1d a1 68 08 00 45 00 ... [EMAIL PROTECTED]
| ...h..E.
| 0010 02 40 42 4a 40 00 20 06 55 02 c0 a8 00 6c d8 ef [EMAIL PROTECTED]@. .
| U....l..
| 0020 27 68 05 f1 00 50 bc fb 9a 29 b2 6e eb 31 50 10 'h...P..
| .).n.1P.
| 0030 fc 00 69 a1 00 00 47 45 54 20 2f 73 65 61 72 63 ..i...GE T
| /searc
| 0040 68 3f 62 74 6e 49 3d 49 25 32 37 6d 2b 46 65 65 h?btnI=I
| %27m+Fee
| 0050 6c 69 6e 67 2b 4c 75 63 6b 79 26 69 65 3d 55 54 ling+Luc
| ky&ie=UT
| 0060 46 2d 38 26 6f 65 3d 55 54 46 2d 38 26 71 3d 70 F-8&oe=U
| TF-8&q=p
| 0070 72 69 6d 65 69 6e 20 48 54 54 50 2f 31 2e 31 0d rimein H
| TTP/1.1.
| 0080 0a 48 6f 73 74 3a 20 77 77 77 2e 67 6f 6f 67 6c .Host: w
| ww.googl
| 0090 65 2e 63 6f 6d 0d 0a 55 73 65 72 2d 41 67 65 6e e.com..U
| ser-Agen
| 00a0 74 3a 20 4d 6f 7a 69 6c 6c 61 2f 35 2e 30 20 28 t: Mozil
| la/5.0 (
| 00b0 57 69 6e 64 6f 77 73 3b 20 55 3b 20 57 69 6e 64 Windows; U;
| Wind
| 00c0 6f 77 73 20 4e 54 20 35 2e 30 3b 20 65 6e 2d 55 ows NT 5 .0;
| en-U
| 00d0 53 3b 20 72 76 3a 31 2e 37 29 20 47 65 63 6b 6f S; rv:1. 7)
| Gecko
| 00e0 2f 32 30 30 34 30 38 30 33 20 46 69 72 65 66 6f /2004080 3
| Firefo
| 00f0 78 2f 30 2e 38 0d 0a 41 63 63 65 70 74 3a 20 74 x/0.8..A
| ccept: t
| 0100 65 78 74 2f 78 6d 6c 2c 61 70 70 6c 69 63 61 74 ext/xml,
| applicat
| 0110 69 6f 6e 2f 78 6d 6c 2c 61 70 70 6c 69 63 61 74 ion/xml,
| applicat
| 0120 69 6f 6e 2f 78 68 74 6d 6c 2b 78 6d 6c 2c 74 65 ion/xhtm
| l+xml,te
| 0130 78 74 2f 68 74 6d 6c 3b 71 3d 30 2e 39 2c 74 65 xt/html;
| q=0.9,te
| 0140 78 74 2f 70 6c 61 69 6e 3b 71 3d 30 2e 38 2c 76 xt/plain
| ;q=0.8,v
| 0150 69 64 65 6f 2f 78 2d 6d 6e 67 2c 69 6d 61 67 65 ideo/x-m
| ng,image
| 0160 2f 70 6e 67 2c 69 6d 61 67 65 2f 6a 70 65 67 2c /png,ima
| ge/jpeg,
| 0170 69 6d 61 67 65 2f 67 69 66 3b 71 3d 30 2e 32 2c image/gi
| f;q=0.2,
| 0180 2a 2f 2a 3b 71 3d 30 2e 31 0d 0a 41 63 63 65 70 */*;q=0.
| 1..Accep
| 0190 74 2d 4c 61 6e 67 75 61 67 65 3a 20 65 6e 2d 75 t-Langua ge:
| en-u
| 01a0 73 2c 65 6e 3b 71 3d 30 2e 35 0d 0a 41 63 63 65 s,en;q=0
| .5..Acce
| 01b0 70 74 2d 45 6e 63 6f 64 69 6e 67 3a 20 67 7a 69 pt-Encod ing:
| gzi
| 01c0 70 2c 64 65 66 6c 61 74 65 0d 0a 41 63 63 65 70 p,deflat
| e..Accep
| 01d0 74 2d 43 68 61 72 73 65 74 3a 20 49 53 4f 2d 38 t-Charse t:
| ISO-8
| 01e0 38 35 39 2d 31 2c 75 74 66 2d 38 3b 71 3d 30 2e 859-1,ut
| f-8;q=0.
| 01f0 37 2c 2a 3b 71 3d 30 2e 37 0d 0a 4b 65 65 70 2d 7,*;q=0.
| 7..Keep-
| 0200 41 6c 69 76 65 3a 20 33 30 30 0d 0a 43 6f 6e 6e Alive: 3
| 00..Conn
| 0210 65 63 74 69 6f 6e 3a 20 6b 65 65 70 2d 61 6c 69 ection:
| keep-ali
| 0220 76 65 0d 0a 43 6f 6f 6b 69 65 3a 20 65 6e 5f 55 ve..Cook ie:
| en_U
| 0230 53 3b 20 50 52 45 46 3d 49 44 3d 36 34 39 32 39 S; PREF=
| ID=64929
| 0240 31 64 62 30 33 65 34 63 39 37 62 3a 46 46 1db03e4c
| 97b:FF
| _______________________________________________
| Mozilla-security mailing list
| [EMAIL PROTECTED]
| http://mail.mozilla.org/listinfo/mozilla-security
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD4DBQFBMe1cfLPhlaxNQk0RAvEyAJiqLqQ+g7E5jM9JBXKjxCsFo7K2AJ9XG4bQ
KRfgskag6qjMwQEzIW3nig==
=hYne
-----END PGP SIGNATURE-----
_______________________________________________
Mozilla-security mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-security
