http://www.technewsworld.com/rsstory/40447.html


Spoofing Flaw Hits Web Browsers

By Steve Ranger
VNUNet.com
02/09/05 8:54 AM PT

The spoofing problem is due to an unintended result of the International Domain Name implementation, which allows the use of international characters in domain names, security firm Secunia said.

A newly discovered security flaw in popular browsers including Firefox and Opera could be exploited by hackers to carry out phishing scams, security experts have warned.

Security services company Secunia issued an advisory detailing the issue, which allows for spoofing of Web addresses. The flaw could be exploited by a malicious Web site to spoof the URL displayed in the address bar, SSL certificate and status bar.


Domain Name Danger
The problem is due to an unintended result of the International Domain Name implementation, which allows the use of international characters in domain names, the company said.

This can be exploited by registering domain names with certain international characters that resemble other commonly used characters, causing the user to believe that they are on a trusted site.

Scrutinize Sources
Secunia stressed that users should not follow links from untrusted sources, and should manually type the URL in the address bar. The flaw has been confirmed in the following browsers:

Mozilla 1.7.5, Firefox 1.0, Opera 7.54u1 and 7.54u2, Konqueror 3.2.2, Netscape 7.2, and Safari 1.2.4 (v125.1).

Secunia warned that other versions may also be affected. The company has constructed a test to check whether your browser is affected by this issue.

http://secunia.com/multiple_browsers_idn_spoofing_test/

so this would be the reason firefox is better than IE? :lol:
i use IE, i get page cannot be displayed. what are we supposed to see in that test if we pass?

If it has this page cannot be displayed I think we are NOT vulnerable

Result
You are vulnerable, if a new window is opened displaying a Secunia page, but the address bar is displaying "http://www.paypal.com/".

GO IE!

according to MozillaZine


Some websites have noted that Internet Explorer is safe from this issue. We would like to point out that this is misleading, since Internet Explorer has not implemented IDN

so IE is safe because it hasn't implemented this nice new browser feature

Why are international characters a security vulnerability?

because you can make some of the letters and numbers look like others. i can register a site that will look exactly like www.ebay.com even though it would be a different domain.

we all love slating microsoft for including active-x but it seems the firefox team included this with little regard for security and its now a security hold big enough for plenty of phishers to drive a truck through.

OH NOES!! our megahurtz can be st0eled!!!11 :crying:

Firefox, opera, mozilla, netscape, all vulnerable, and IE is not? WTF? :lol:

Found a quick and dirty workaround to close the hole in Firefox 1.0.

They have a sticky thread dealing with this issue at the Mozillazine Forum (http://forums.mozillazine.org/viewtopic.php?t=215221). Thier fix gets disabled if you install a new extension or theme, so no method is 100% perfect just yet.

according to MozillaZine



so IE is safe because it hasn't implemented this nice new browser feature
doesnt seem ATM to be such a nice new feature :lol:

IE gets me to the same internet you firefox, opera, etc..people are looking at.
I used firefox, and the plug in thing just got on my nerves. but i hope they get this issue resolved for you guys that use those browsers. :)

doesnt seem ATM to be such a nice new feature :lol:

IE gets me to the same internet you firefox, opera, etc..people are looking at.
I used firefox, and the plug in thing just got on my nerves. but i hope they get this issue resolved for you guys that use those browsers. :)
what plugin issue? we can get extensioons to add endless amounts of extra features...the best one being adblock, but there are lots more handy ones that I use on a daily basis.

what plugin issue? we can get extensioons to add endless amounts of extra features...the best one being adblock, but there are lots more handy ones that I use on a daily basis.
i see what you are saying, but i dont see any real reason to use any other browser than IE, i have never come across an issue that required a browser upgrade or browser change. I tried firefox, but it required plugins to see real media streams and stuff like that, and IE did it for me, and it just annoyed me enough to get rid of it. just my personal opinion of coarse, but i have enough software on my pc. :)
and just to recap.....I look at the internet, i personally dont need all the wierd addons that come with all the new browsers. I see the internet just as you guys see it, I just dont have, nor will i ever, have a need for whatever you guys are using i guess, :)

Actually, the Adblock extension is one way to close the security hole...

Here's a sumup of the previous posts.
These are the 3 known ways to deal with it, take your pick:

1. Edit the compreg.dat file in your profile: put // or # in front of the two lines (in windows) with IDN in them.
This will only hold until you install/uninstall a theme/extension and than you have to do it again.
Editing the compreg.dat in P.F. will add nothing.

2 Install a nightly (Firefox build) and change "network.enableIDN" in about:config (or user.js) to false.

3.Install adblock and put: /[^\x20-\x80]/
in the filter.
Adblock>pref.>adblock options>check site blocking>put /[^\x20-\x80]/
in New Filter>Done

']Actually, the Adblock extension is one way to close the security hole...
yay! :D

off track a bit:

hey rossco, nice napoleon avatar, that movie was funny :)

off track a bit:

hey rossco, nice napoleon avatar, that movie was funny :)
thanks. :)