| Field | Value |
|---|---|
| Test ID | 1.3.6.1.4.1.25623.1.0.52977 |
| Category | Ubuntu Local Security Checks |
| Title | Ubuntu USN-134-1 (mozilla-firefox) |
| Summary | Ubuntu USN-134-1 (mozilla-firefox) |

Description:

The remote host is missing an update to mozilla-firefox announced via advisory USN-134-1.

A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected: mozilla-firefox

It was discovered that a malicious website could inject arbitrary scripts into a target site by loading it into a frame and navigating back to a previous Javascript URL that contained an eval() call. This could be used to steal cookies or other confidential data from the target site. If the target site is allowed to raise the install confirmation dialog in Firefox, then this flaw even allowed the malicious site to execute arbitrary code with the privileges of the Firefox user. By default, only the Mozilla Update site is allowed to attempt software installation; however, users can permit this for additional sites. (MFSA 2005-42)

Michael Krax, Georgi Guninski, and L. David Baron found that the security checks that prevent script injection could be bypassed by wrapping a javascript: URL in another pseudo-protocol like view-source: or jar:. (CVE-2005-1531)

A variant of the attack described in CVE-2005-1160 (see USN-124-1) was discovered. Additional checks were added to make sure Javascript eval and Script objects are run with the privileges of the context that created them, not the potentially elevated privilege of the context calling them. (CVE-2005-1532)

Solution: The problem can be corrected by upgrading the affected package to version 1.0.2-0ubuntu5.3. After doing a standard system upgrade, you need to restart Firefox to effect the necessary changes.

http://www.securityspace.com/smysecure/catid.html?in=USN-134-1

Risk factor: High

Cross-Ref:

- Common Vulnerability Exposure (CVE) ID: CVE-2005-1531
  - http://www.redhat.com/support/errata/RHSA-2005-434.html
  - http://www.redhat.com/support/errata/RHSA-2005-435.html
  - SCO Security Bulletin: SCOSA-2005.49 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2005.49/SCOSA-2005.49.txt
  - BugTraq ID: 15495 http://www.securityfocus.com/bid/15495
  - BugTraq ID: 13641 http://www.securityfocus.com/bid/13641
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10351
  - http://www.vupen.com/english/advisories/2005/0530
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100015
  - http://securitytracker.com/id?1013962
  - http://securitytracker.com/id?1013963
- Common Vulnerability Exposure (CVE) ID: CVE-2005-1532
  - http://www.redhat.com/support/errata/RHSA-2005-601.html
  - SuSE Security Announcement: SUSE-SA:2006:022 http://www.novell.com/linux/security/advisories/2006_04_25.html
  - SuSE Security Announcement: SUSE-SA:2006:004
  - BugTraq ID: 13645 http://www.securityfocus.com/bid/13645
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10791
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100014
  - http://securitytracker.com/id?1013965
  - http://securitytracker.com/id?1013964
  - http://secunia.com/advisories/19823
- Common Vulnerability Exposure (CVE) ID: CVE-2005-1160
  - http://www.gentoo.org/security/en/glsa/glsa-200504-18.xml
  - http://www.redhat.com/support/errata/RHSA-2005-383.html
  - http://www.redhat.com/support/errata/RHSA-2005-386.html
  - http://www.redhat.com/support/errata/RHSA-2005-384.html
  - BugTraq ID: 13233 http://www.securityfocus.com/bid/13233
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:100017
  - http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11291
  - http://secunia.com/advisories/14938
  - http://secunia.com/advisories/14992

Copyright: Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com