[Fwd: Re: New Mozilla vulnerabilities??]
by David Eisenstein
Matthew Miller wrote:
> On Sat, Jun 03, 2006 at 02:36:13PM -0500, David Eisenstein wrote:
>
>>It mentions a bunch of vulnerabilities (all of which seem to affect
>>Seamonkey, Thunderbird, and Firefox). After looking at each VU#, it appears
>>that none of the announcements mention the Mozilla suite. Also, at least as
>>of last night, none of them mention any CVE #'s.
>
>
> No updates for Firefox for Fedora Core yet, either....
>
> <https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194617>
>
I heard a rumor the other day that Red Hat Enterprise Linux may be planning
to replace Mozilla with Seamonkey in their currently-maintained distros. Am
wondering if there is any truth to this rumor? Also wondering if there is
anything we in Fedora Legacy can do to help in this process of dealing with
these critical Mozilla/Firefox/Seamonkey bugs?
Fedora Legacy bug for these issues:
<https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=194440>
Congrats to Fedora Extras for getting Seamonkey packages out already! :)
Regards,
David
17 years, 10 months
New Mozilla vulnerabilities??
by David Eisenstein
Hello all,
Yesterday, I received a notice from US-CERT regarding Technical Cyber
Security Alert TA06-153A -- Mozilla Products Contain Multiple
Vulnerabilities, (available at
<http://www.us-cert.gov/cas/techalerts/TA06-153A.html>).
It mentions a bunch of vulnerabilities (all of which seem to affect
Seamonkey, Thunderbird, and Firefox). After looking at each VU#, it appears
that none of the announcements mention the Mozilla suite. Also, at least as
of last night, none of them mention any CVE #'s.
What's going on with this? Are any Mozilla Suite products affected by these
vulnerabilities? Some of these sound critical -- and if there are no
patches available for mozilla-1.7.13, well, it seems bad!
"Several vulnerabilities have been reported in the Mozilla web browser
and derived products. More detailed information is available in the
individual vulnerability notes, including:
"VU#237257 - Mozilla privilege escalation using addSelectionListener
A privilege escalation vulnerability exists in the Mozilla
addSelectionListener method. This may allow a remote attacker to
execute arbitrary code.
"VU#421529 - Mozilla contains a buffer overflow vulnerability in
crypto.signText()
Mozilla products contain a buffer overflow in the crypto.signText()
method. This may allow a remote attacker to execute arbitrary code.
"VU#575969 - Mozilla may process content-defined setters on object
prototypes with elevated privileges
Mozilla allows content-defined setters on object prototypes to execute
with elevated privileges. This may allow a remote attacker to execute
arbitrary code.
"VU#243153 - Mozilla may associate persisted XUL attributes with an
incorrect URL
Mozilla can allow persisted XUL attributes to associate with the wrong
URL. This may allow a remote attacker to execute arbitrary code.
"VU#466673 - Mozilla contains multiple memory corruption
vulnerabilities
Mozilla contains several memory corruption vulnerabilities. This may
allow a remote attacker to execute arbitrary code."
-David
17 years, 10 months
[Bug 187353] Possible security issue
by Red Hat Bugzilla
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.
Summary: Possible security issue
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=187353
lmacken(a)redhat.com changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fedora-security-
| |list(a)redhat.com
------- Additional Comments From lmacken(a)redhat.com 2006-06-05 13:53 EST -------
I agree that this is an issue with NetHack and needs to be fixed. After quickly
looking around, I don't believe a patch for this has been written yet (I could
be wrong).
CC'ing fedora-security-list.
--
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
17 years, 10 months
Full list of Seamonkey (unpatched Mozilla Suite??) vulnerabilities...
by David Eisenstein
Hi again all,
More Seamonkey vulnerabilties...
From
<http://www.mozilla.org/projects/security/known-vulnerabilities.html#SeaMo...>,
there is this list:
Fixed in SeaMonkey 1.0.2
------------------------
Critical - MFSA 2006-43 Privilege escalation using addSelectionListener
High - MFSA 2006-42 Web site XSS using BOM on UTF-8 pages
High - MFSA 2006-41 File stealing by changing input type (variant)
Critical - MFSA 2006-40 Double-free on malformed VCard
Low - MFSA 2006-39 "View Image" local resource linking (Windows)
Critical - MFSA 2006-38 Buffer overflow in crypto.signText()
Critical - MFSA 2006-37 Remote compromise via content-defined setter on
object prototypes
Critical - MFSA 2006-35 Privilege escalation through XUL persist
Moderate - MFSA 2006-34 XSS viewing javascript: frames or images from
context menu
High - MFSA 2006-33 HTTP response smuggling
Critical - MFSA 2006-32 Fixes for crashes with potential memory corruption
Moderate - MFSA 2006-31 EvalInSandbox escape (Proxy Autoconfig,
Greasemonkey)
Similar lists exists for Firefox ("Fixed in Firefox 1.5.0.4") and
Thunderbird ("Fixed in Thunderbird 1.5.0.4") vulnerabilities on that same page.
Somehow, I suspect that if these vulnerabilities exist in Seamonkey, then
many will also exist in Mozilla-1.7.13, in Firefox-1.0.8, and
Thunderbird-1.0.8 ....
What is the Mozilla Foundation trying to do here? Make zero-day exploits
available to malware writers to use against legacy users of Mozilla-1.7.13
Firefox-1.0.8, and Thunderbird-1.0.8 users?!? Is there any coordination
among outside maintainers of these legacy packages (since the Mozilla
foundation's official policy is that Mozilla-1.7.13 was the end of the line
for the Mozilla suite)? Should there be??
Regards,
David Eisenstein
ps: None of the detailed MSFA's linked to from the known-vulnerabilities
page that I looked at had any CVE's listed for them. Does anyone know if
any CVE's are assigned for these vulnerabilities? Also, all of the
bugzilla.mozilla.org links from the MFSA's seem to be embargoed (at least
for me). Does anyone here have access to those bug reports?
17 years, 10 months
[Fwd: Re: [Bug 193962] New: CVE-2006-2777 (seamonkey): remote arbitrary code execution vulnerability]
by David Eisenstein
Oops, used wrong "From" address... trying again ... sorry 'bout that.
-David
-------- Original Message --------
Subject: Re: [Bug 193962] New: CVE-2006-2777 (seamonkey): remote arbitrary
From: Dave Eisenstein <c438421(a)twinkie.homedns.org>
To: fedora-security-list(a)redhat.com
Hey Ville,
How did you get news of the existence of CVE-2006-2777?
Regards,
David Eisenstein
bugzilla(a)redhat.com wrote:
>
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=193962
>
> Summary: CVE-2006-2777 (seamonkey): remote arbitrary code
> execution vulnerability
> Product: Fedora Extras
> Version: fc5
> Platform: All
> OS/Version: Linux
> Status: NEW
> Severity: high
> Priority: high
> Component: seamonkey
> AssignedTo: kengert(a)redhat.com
> ReportedBy: ville.skytta(a)iki.fi
> QAContact: extras-qa(a)fedoraproject.org
> CC: extras-qa(a)fedoraproject.org,fedora-security-
> list(a)redhat.com
>
> Remote arbitrary code execution vulnerability in seamonkey < 1.0.2:
> http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-2777
>
17 years, 10 months
