Re: [ilugd] [Fwd: [Webappsec] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug]

2007-04-12 Thread Honey
Similarly, this "xpi" creates many vulnerabilities. You might have heard of
www.jajah.com, which provides VOIP, but there is a Firefox extension,
jajah.xpi, that has an easy interface to register with any phone number and
provides a platform to spoil any phone balance.

reference:-
http://honeytech.wordpress.com/2007/02/15/exploit-of-jajah-webtelephony-spoil-any-phone-balance/

On 4/12/07, Raj Shekhar <[EMAIL PROTECTED]> wrote:
>
> if you use firebug, better upgrade.
>
>  Original Message 
> Subject: [Webappsec] Firefox extensions go Evil - Critical
> Vulnerabilities in Firefox/Firebug
> Date: Wed, 4 Apr 2007 20:23:41 +0100
> From: pdp (architect) <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED], [EMAIL PROTECTED],
> "WASC
> Forum" <[EMAIL PROTECTED]>, "webappsec @OWASP"
> <[EMAIL PROTECTED]>
>
> http://www.gnucitizen.org/blog/firebug-goes-evil
>
> There is a critical vulnerability in Firefox/Firebug which allows
> attackers to inject code inside the browser chrome. This can lead to a
> lot of problems. Theoretically everything is possible, from modifying
> the user file system to launching processes, installing ROOTKITs, you
> name it.
>
> I recommend disabling Firebug for now until the issue is fixed. The
> issue is a bit critical since Firebug is one of the most popular
> extensions for Firefox. Given the fact that a lot of the Firefox users
> are geeks, the chances of having Firebug installed in a random Firefox
> client are quite high.
>
> I wrote two POCs to demonstrate the issue. You can find them on the
> page at the top of this message. The first POC runs calc.exe and
> cmd.exe on Windows systems. The second POC does a countdown from 10
> to 0 and executes calc.exe to prove that automatic execution is
> possible.
>
> --
> pdp (architect) | petko d. petkov
> http://www.gnucitizen.org
> ___
> Webappsec mailing list
> [EMAIL PROTECTED]
> http://lists.owasp.org/mailman/listinfo/webappsec
>
>
> --
> raj shekhar
> facts: http://rajshekhar.net | opinions: http://rajshekhar.net/blog
> I dare do all that may become a man; Who dares do more is none.
>
> ___
> ilugd mailinglist -- [EMAIL PROTECTED]
> http://frodo.hserus.net/mailman/listinfo/ilugd
> Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi
> http://www.mail-archive.com/[EMAIL PROTECTED]/
>



-- 
Honey Singh
3rd yr
RKGIT
http://honeytech.wordpress.com/
my Music Video:-
http://video.google.com/videoplay?docid=-8752423381028565635&q=controlmyself
___
ilugd mailinglist -- [EMAIL PROTECTED]
http://frodo.hserus.net/mailman/listinfo/ilugd
Archives at: http://news.gmane.org/gmane.user-groups.linux.delhi 
http://www.mail-archive.com/[EMAIL PROTECTED]/


[ilugd] [Fwd: [Webappsec] Firefox extensions go Evil - Critical Vulnerabilities in Firefox/Firebug]

2007-04-12 Thread Raj Shekhar
if you use firebug, better upgrade.

 Original Message 
Subject: [Webappsec] Firefox extensions go Evil - Critical 
Vulnerabilities in Firefox/Firebug
Date: Wed, 4 Apr 2007 20:23:41 +0100
From: pdp (architect) <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED], [EMAIL PROTECTED],   "WASC 
Forum" <[EMAIL PROTECTED]>, "webappsec @OWASP" 
<[EMAIL PROTECTED]>

http://www.gnucitizen.org/blog/firebug-goes-evil

There is a critical vulnerability in Firefox/Firebug which allows
attackers to inject code inside the browser chrome. This can lead to a
lot of problems. Theoretically everything is possible, from modifying
the user file system to launching processes, installing ROOTKITs, you
name it.

I recommend disabling Firebug for now until the issue is fixed. The
issue is a bit critical since Firebug is one of the most popular
extensions for Firefox. Given the fact that a lot of the Firefox users
are geeks, the chances of having Firebug installed in a random Firefox
client are quite high.

I wrote two POCs to demonstrate the issue. You can find them on the
page at the top of this message. The first POC runs calc.exe and
cmd.exe on Windows systems. The second POC does a countdown from 10
to 0 and executes calc.exe to prove that automatic execution is
possible.

-- 
pdp (architect) | petko d. petkov
http://www.gnucitizen.org
___
Webappsec mailing list
[EMAIL PROTECTED]
http://lists.owasp.org/mailman/listinfo/webappsec


-- 
raj shekhar
facts: http://rajshekhar.net | opinions: http://rajshekhar.net/blog
I dare do all that may become a man; Who dares do more is none.
