TITLE:
Mozilla / Firefox / Camino IDN Spoofing Security Issue

SECUNIA ADVISORY ID:
SA14163

VERIFY ADVISORY:
http://secunia.com/advisories/14163/

CRITICAL:
Moderately critical

IMPACT:
Spoofing

WHERE:
From remote

SOFTWARE:
Mozilla 1.7.x
http://secunia.com/product/3691/
Mozilla Firefox 0.x
http://secunia.com/product/3256/
Mozilla Firefox 1.x
http://secunia.com/product/4227/

DESCRIPTION:
Eric Johanson has reported a security issue in Mozilla / Firefox / Camino, which can be exploited by a malicious web site to spoof the URL displayed in the address bar, SSL certificate, and status bar.

The problem is caused by an unintended result of the IDN (International Domain Name) implementation, which allows using international characters in domain names.

This can be exploited by registering domain names with certain international characters that resemble other commonly used characters, thereby causing the user to believe they are on a trusted site.

Secunia has constructed a test, which can be used to check if your browser is affected by this issue:
http://secunia.com/multiple_browsers_idn_spoofing_test/

The issue has been confirmed in Mozilla 1.7.5 and Firefox 1.0. Other versions may also be affected.

SOLUTION:
Disable IDN support by setting network.enableIDN to "false".

Don't follow links from untrusted sources.

Manually type the URL in the address bar.

ORIGINAL ADVISORY:
http://www.shmoo.com/idn/homograph.txt

OTHER REFERENCES:
The Homograph Attack:
http://www.cs.technion.ac.il/~gabr/papers/homograph.html

ICANN paper on IDN Permissible Code Point Problems:
http://www.icann.org/committees/idn/idn-codepoint-paper.htm
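The look-alike substitution in the DESCRIPTION can be checked for mechanically. The following is an added example, not part of the Secunia advisory or of Mozilla's code: it converts a hostname to its ASCII (xn--) form and flags any label that mixes scripts. The function names, the sample hostname and the "show the ASCII form when a label mixes scripts" display policy are assumptions of this example.

```python
import unicodedata

# Constructed sample: "example.com" with U+0430 CYRILLIC SMALL LETTER A
# in place of the Latin "a". It is not a hostname taken from the advisory.
SAMPLE = "ex\u0430mple.com"

# Characters every script shares in hostnames; they never count as a script.
NEUTRAL = {"DIGIT", "HYPHEN-MINUS"}

def label_scripts(label):
    """Scripts used in one label, read from the first word of each
    character's Unicode name (LATIN, CYRILLIC, GREEK, ...)."""
    names = (unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label)
    return {n for n in names if n not in NEUTRAL}

def inspect_host(host):
    """Accept a Unicode or xn-- hostname and report both forms plus any
    label that mixes scripts (coarse: legitimate multi-script writing
    systems such as Japanese are flagged too)."""
    ace = host.encode("idna").decode("ascii")   # form that is sent to DNS
    uni = ace.encode("ascii").decode("idna")    # form an IDN-aware UI may render
    mixed = {}
    for label in uni.split("."):
        scripts = label_scripts(label)
        if len(scripts) > 1:
            mixed[label] = sorted(scripts)
    # Assumed display policy: fall back to the ASCII form on any mixed label.
    return {"ace": ace, "unicode": uni, "mixed": mixed,
            "display": ace if mixed else uni}

if __name__ == "__main__":
    for h in (SAMPLE, "example.com"):
        print(inspect_host(h))
```

A label written entirely in one non-Latin script passes this check, so whole-script look-alikes are not caught by it.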
