
Security: Multiple problems in Mozilla
Name: Multiple problems in Mozilla
ID: USN-155-1
Distribution: Ubuntu
Platforms: Ubuntu 4.10, Ubuntu 5.04
Date: Fri, 29 July 2005, 13:00
References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1532
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2260
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2261
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2265
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2266
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2268
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2269
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2270
Applications:

Original message


===========================================================
Ubuntu Security Notice USN-155-1 July 26, 2005
mozilla vulnerabilities
CAN-2005-1531, CAN-2005-1532, CAN-2005-1937, CAN-2005-2260,
CAN-2005-2261, CAN-2005-2263, CAN-2005-2265, CAN-2005-2266,
CAN-2005-2268, CAN-2005-2269, CAN-2005-2270
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

mozilla-browser
mozilla-mailnews

The problem can be corrected by upgrading the affected package to
version 2:1.7.10-0ubuntu04.10 (for Ubuntu 4.10), or
2:1.7.10-0ubuntu05.04 (for Ubuntu 5.04). After a standard system
upgrade you need to restart Mozilla to effect the necessary changes.
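The fixed versions above carry an epoch ("2:") and a Debian revision ("-0ubuntu04.10"), so a plain string comparison against the installed version gives wrong answers (for example "1.7.8" sorts after "1.7.10" lexically, and an epoch-less "1.7.12" is still older than "2:1.7.10"). The following is an added example, not Ubuntu tooling: it reimplements dpkg's version-ordering rules so the check can be run anywhere, and validates its input as a well-formed version string first. The installed versions used in the demo are constructed values; on a real system `dpkg-query -W -f='${Version}' mozilla-browser` supplies the installed version and `dpkg --compare-versions` is the authoritative comparison.

```python
"""Check an installed mozilla package version against the fixed versions
from USN-155-1, using dpkg's version-ordering rules (reimplemented here
for illustration; `dpkg --compare-versions` is the authoritative tool)."""
import re

# Fixed versions as stated in the advisory, keyed by Ubuntu release.
FIXED_VERSIONS = {
    "4.10": "2:1.7.10-0ubuntu04.10",
    "5.04": "2:1.7.10-0ubuntu05.04",
}

# Debian policy: version strings may only contain alphanumerics and . + - ~ :
_VALID = re.compile(r"^[A-Za-z0-9.+~:-]+$")


def _isdigit(c: str) -> bool:
    return c != "" and c in "0123456789"


def _order(c: str) -> int:
    """dpkg's weight for one non-digit character ('' means end of string)."""
    if c == "" or _isdigit(c):
        return 0
    if c == "~":               # tilde sorts before everything, even end of string
        return -1
    if c.isascii() and c.isalpha():
        return ord(c)          # letters sort before other punctuation ...
    return ord(c) + 256        # ... which sorts after them


def _verrevcmp(a: str, b: str) -> int:
    """Compare two fragments (upstream or revision) the way dpkg does:
    alternate runs of non-digits (by _order) and digits (numerically,
    leading zeros ignored). Returns <0, 0 or >0."""
    i = j = 0
    ch = lambda s, k: s[k] if k < len(s) else ""
    while i < len(a) or j < len(b):
        first_diff = 0
        while (i < len(a) and not _isdigit(a[i])) or (j < len(b) and not _isdigit(b[j])):
            ac, bc = _order(ch(a, i)), _order(ch(b, j))
            if ac != bc:
                return ac - bc
            i += 1
            j += 1
        while ch(a, i) == "0":
            i += 1
        while ch(b, j) == "0":
            j += 1
        while _isdigit(ch(a, i)) and _isdigit(ch(b, j)):
            if first_diff == 0:
                first_diff = ord(a[i]) - ord(b[j])
            i += 1
            j += 1
        if _isdigit(ch(a, i)):
            return 1           # a's number has more digits, so it is larger
        if _isdigit(ch(b, j)):
            return -1
        if first_diff:
            return first_diff
    return 0


def parse_version(v: str):
    """Split '[epoch:]upstream[-revision]', rejecting malformed input instead
    of silently comparing garbage (the advisory's own CAN-2005-2265 is a
    version comparator that skipped argument validation)."""
    if not isinstance(v, str) or not _VALID.match(v):
        raise ValueError(f"not a Debian version string: {v!r}")
    epoch = 0
    if ":" in v:
        e, v = v.split(":", 1)
        if not e.isdigit():
            raise ValueError(f"epoch must be numeric: {e!r}")
        epoch = int(e)
    upstream, sep, revision = v.rpartition("-")
    if not sep:                # no hyphen: the whole string is the upstream part
        upstream, revision = v, ""
    return epoch, upstream, revision


def _sign(n: int) -> int:
    return (n > 0) - (n < 0)


def compare_versions(a: str, b: str) -> int:
    """-1, 0 or 1 as a is older than, equal to, or newer than b."""
    ea, ua, ra = parse_version(a)
    eb, ub, rb = parse_version(b)
    if ea != eb:
        return _sign(ea - eb)
    r = _verrevcmp(ua, ub)
    if r == 0:
        r = _verrevcmp(ra, rb)
    return _sign(r)


def needs_update(installed: str, release: str) -> bool:
    """True if the installed mozilla-browser/mozilla-mailnews version is older
    than the fixed version for the given release ('4.10' or '5.04')."""
    return compare_versions(installed, FIXED_VERSIONS[release]) < 0


if __name__ == "__main__":
    # Constructed example values, not taken from any real system.
    for installed, release in [("2:1.7.8-0ubuntu2", "5.04"),
                               ("2:1.7.10-0ubuntu05.04", "5.04"),
                               ("1.7.12-1", "5.04")]:
        state = "vulnerable" if needs_update(installed, release) else "fixed"
        print(f"{installed} on Ubuntu {release}: {state}")
```

The third demo value makes the epoch point: "1.7.12-1" looks newer than 1.7.10 but has no epoch, so dpkg (and this check) still rank it below "2:1.7.10-0ubuntu05.04", which is exactly why the advisory quotes the epoch.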

Details follow:

Secunia.com reported that one of the recent security patches in
Firefox reintroduced the frame injection vulnerability originally
known as CAN-2004-0718. This allowed a malicious web site to spoof the
contents of other web sites. (CAN-2005-1937)

It was discovered that a malicious website could inject arbitrary
scripts into a target site by loading it into a frame and navigating
back to a previous Javascript URL that contained an eval() call. This
could be used to steal cookies or other confidential data from the
target site. (MFSA 2005-42)

Michael Krax, Georgi Guninski, and L. David Baron found that the
security checks that prevent script injection could be bypassed by
wrapping a javascript: url in another pseudo-protocol like
"view-source:" or "jar:". (CAN-2005-1531)
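The bypass above is a general pattern: a check that looks only at the outermost scheme is defeated by any wrapper protocol whose inner URL is what actually gets executed. The following added example (not Mozilla code) contrasts that naive check with one that first normalises the URL the way URL parsers do, unwraps the "view-source:" and "jar:" wrappers named in the advisory, and then allow-lists the effective scheme. The wrapper list and the allowed-scheme set are assumptions chosen for the example; it goes beyond the advisory by also covering the case-mixing and embedded-whitespace variants of the same bypass.

```python
"""Decide whether an untrusted link may carry script, looking through the
pseudo-protocol wrappers that let javascript: URLs slip past a check that
only inspects the outermost scheme."""
import re

# Schemes that merely wrap another URL; the inner URL decides what the link
# really does. (Assumed list for this example.)
WRAPPER_SCHEMES = ("view-source:", "jar:")

# Allow-list of schemes an untrusted link may use. (Assumed for this example.)
SAFE_SCHEMES = {"http", "https", "mailto"}

# NUL..US plus space: what URL parsers strip from both ends before parsing.
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))


def canonical(url: str) -> str:
    """Normalise as a URL parser would before scheme matching: drop leading and
    trailing controls/spaces and remove embedded tab, CR and LF, so that
    'java<TAB>script:' is seen for what it is."""
    return re.sub(r"[\t\r\n]", "", url.strip(_C0_AND_SPACE))


def scheme_of(url: str) -> str:
    """Lower-cased scheme of url, or '' if the URL is relative (scheme-less)."""
    m = re.match(r"([A-Za-z][A-Za-z0-9+.-]*):", url)
    return m.group(1).lower() if m else ""


def unwrap(url: str) -> str:
    """Strip wrapper pseudo-protocols until the effective inner URL is exposed.
    For jar: the inner URL is everything before the '!/' entry separator."""
    url = canonical(url)
    while True:
        low = url.lower()
        for w in WRAPPER_SCHEMES:
            if low.startswith(w):
                url = canonical(url[len(w):])
                if w == "jar:":
                    url = url.split("!/", 1)[0]
                break
        else:
            return url


def naive_is_script_url(url: str) -> bool:
    """The bypassable shape of check: outermost scheme only, exact case, and
    a block-list of one entry."""
    return url.startswith("javascript:")


def is_safe_link(url: str) -> bool:
    """Hardened check: unwrap first, then allow-list the effective scheme.
    Relative URLs are accepted; javascript:, data: and unknown schemes are not."""
    scheme = scheme_of(unwrap(url))
    return scheme == "" or scheme in SAFE_SCHEMES


if __name__ == "__main__":
    # Constructed sample links, not taken from any real page.
    for link in ["javascript:alert(1)", "view-source:javascript:alert(1)",
                 "jar:javascript:alert(1)!/x", "JaVaScRiPt:alert(1)",
                 "https://www.ubuntu.com/usn/usn-155-1", "/relative/path"]:
        print(f"{link!r:45} naive_blocks={naive_is_script_url(link)!s:5} "
              f"safe={is_safe_link(link)}")
```

The point of the allow-list is that every new wrapper or alias (the advisory already lists two) needs no change to the check: anything that does not unwrap to http, https or mailto is rejected by default.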

A variant of the attack described in CAN-2005-1160 (see USN-124-1) was
discovered. Additional checks were added to make sure Javascript eval
and script objects are run with the privileges of the context that
created them, not the potentially elevated privilege of the context
calling them. (CAN-2005-1532)

In several places the browser user interface did not correctly
distinguish between true user events, such as mouse clicks or
keystrokes, and synthetic events generated by web content. This
could be exploited by malicious web sites to generate e.g. mouse clicks
that install malicious plugins. Synthetic events are now prevented
from reaching the browser UI entirely. (CAN-2005-2260)

Scripts in XBL controls from web content continued to be run even when
Javascript was disabled. This could be combined with most script-based
exploits to attack people running vulnerable versions who thought
disabling Javascript would protect them. (CAN-2005-2261)

Matthew Mastracci discovered a flaw in the addons installation
launcher. By forcing a page navigation immediately after calling the
install method a callback function could end up running in the context
of the new page selected by the attacker. This callback script could
steal data from the new page such as cookies or passwords, or perform
actions on the user's behalf such as make a purchase if the user is
already logged into the target site. However, the default settings
allow only http://addons.mozilla.org to bring up this install dialog.
This could only be exploited if users have added untrustworthy sites
to the installation whitelist, and if a malicious site can convince
them to install from it. (CAN-2005-2263)

The function for version comparison in the addons installer did not
properly verify the type of its argument. By passing specially crafted
Javascript objects to it, a malicious web site could crash the browser
and possibly even execute arbitrary code with the privilege of the
user account Firefox runs in. (CAN-2005-2265)

A child frame can call top.focus() even if the framing page comes from
a different origin and has overridden the focus() routine. Andreas
Sandblad discovered that the call is made in the context of the child
frame. This could be exploited to steal cookies and passwords from the
framed page, or take actions on behalf of a signed-in user. However,
web sites with the above properties are not very common. (CAN-2005-2266)

Alerts and prompts created by scripts in web pages were presented with
the generic title [Javascript Application] which sometimes made it
difficult to know which site created them. A malicious page could
exploit this by causing a prompt to appear in front of a trusted site
in an attempt to extract information such as passwords from the user.
In the fixed version these prompts contain the hostname of the page
that created them. (CAN-2005-2268)

The XHTML DOM node handler did not take namespaces into account when
verifying node types based on their names. For example, an XHTML
document could contain an <IMG> tag with malicious contents, which
would then be processed as the standard trusted HTML <img> tag. By
tricking a user into viewing malicious web sites, this could be exploited
to execute attacker-specified code with the full privileges of the
user. (CAN-2005-2269)

It was discovered that some objects were not created appropriately.
This allowed malicious web content scripts to trace back the creation
chain until they found a privileged object and execute code with
higher privileges than allowed by the current site. (CAN-2005-2270)

The update for Ubuntu 4.10 (Warty Warthog) also fixes several
vulnerabilities which are not present in the Ubuntu 5.04 version. Some
of them could be exploited to execute arbitrary code with full user
privileges if the user visited a malicious web site. (MFSA-2005-01 to
MFSA-2005-41; please see the following web site for details:
http://www.mozilla.org/projects/security/known-vulnerabilities.html). We
apologize for the huge delay of this update; we changed our update
strategy for Mozilla products to make sure that such long delays will
not happen again.

Updated packages for Ubuntu 4.10 (Warty Warthog):

Source archives:

mozilla_1.7.10-0ubuntu04.10.diff.gz
Size/MD5: 787895 d1b93dab379d90229aff0b6444cd7958
mozilla_1.7.10-0ubuntu04.10.dsc
Size/MD5: 1114 54a79bdf1055da5a4cef2cb2dafc96f5
mozilla_1.7.10.orig.tar.gz
Size/MD5: 30583956 46d33c8977831c434759f1f8be8349b9

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

libnspr-dev_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 168072 5f73543a027ca48255fb49b7d5698ba6
libnspr4_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 139562 0cd70033ad7d3722795f88c6366eff27
libnss-dev_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 184958 76dc43e6c0b49378f52c6eaeb21a7c5c
libnss3_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 708258 6b961f2168030777d6cf8eb2d6332f1e
mozilla-browser_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 11419236 ea48391b5a5e050f23b1a0650a956783
mozilla-calendar_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 403268 ed929a52dbdbc5b06e79ec0fb81ff9fa
mozilla-chatzilla_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 158326 86b385a15b6c85e4b915bacdced31314
mozilla-dev_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 3350360 e1f4ca50e4bd19d34eee93290fb82629
mozilla-dom-inspector_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 121136 eef79c168a357b87409c153c1f201e36
mozilla-js-debugger_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 204150 190f1f37a6a477cbba26f8f6f53dbc43
mozilla-mailnews_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 1937826 cf26eb285ceef89fcda0830758cc5bfd
mozilla-psm_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 204162 c83dc89bda3406a94923c07178adbda3
mozilla_1.7.10-0ubuntu04.10_amd64.deb
Size/MD5: 1036 b38a32c79d53150543aa65bd17344012

i386 architecture (x86 compatible Intel/AMD)

libnspr-dev_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 168060 8c98d3b292d402cd22b11b420b54312b
libnspr4_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 126116 bb9174988c7e3c7ba95d152e66a512c0
libnss-dev_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 184946 a5e0cf933a97e2580f89ad2a8bd1800e
libnss3_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 637908 68482be695882a1e245e72cd197395d9
mozilla-browser_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 10602576 53124ed462188a86b8a75dc27faa7be3
mozilla-calendar_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 403266 02b39a072c2c9d286fe1735ca7507a66
mozilla-chatzilla_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 158320 8879f23c27a1787c49e3695c9a4fcfe5
mozilla-dev_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 3343192 6b9057c17c18b2c1a73154500c70cc42
mozilla-dom-inspector_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 115810 2b31e6c96b80615c2f916969f855a79f
mozilla-js-debugger_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 204140 c60f89e46ca9827c8bdc62990325738b
mozilla-mailnews_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 1780920 93f92d8d66349f7bd8e59f5e4fc76ef6
mozilla-psm_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 188206 41231266c644d9760779988908efbc5c
mozilla_1.7.10-0ubuntu04.10_i386.deb
Size/MD5: 1030 f12e02b92ae890afeac4d8d41a85f276

powerpc architecture (Apple Macintosh G3/G4/G5)

libnspr-dev_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 168072 ba80600f62884978df2b2f04c322f06c
libnspr4_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 124770 b17ebc91a1b791816f313746f52a6402
libnss-dev_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 184950 3e7c8c7cc16c9615b9255ce3fcc73b7c
libnss3_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 712682 dc25643199535a3c8e4e48f766fa8e99
mozilla-browser_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 10164662 5d494ec9f05ac4f910642f41264b8c60
mozilla-calendar_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 403276 65484c2dc4f038d104746f5fa2fc7489
mozilla-chatzilla_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 158332 05369072e2805e665dcb2eb0ed311ec4
mozilla-dev_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 3338534 623c77253ad680985c7c00fee1ea28e3
mozilla-dom-inspector_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 114542 f4f3f3baa8b6b0e7c0129ccca3ffd7da
mozilla-js-debugger_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 204158 ddd745af7c8ec2ac86cb1a23e0b20a5c
mozilla-mailnews_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 1642582 b6406c9fcf0720da67ebe2161884b8fb
mozilla-psm_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 175472 80bc4b4730e0cfc1c1d15ad41debf97e
mozilla_1.7.10-0ubuntu04.10_powerpc.deb
Size/MD5: 1036 4a8d43ad6703ee277fd33f558fc0ba10

Updated packages for Ubuntu 5.04 (Hoary Hedgehog):

Source archives:

mozilla_1.7.10-0ubuntu05.04.diff.gz
Size/MD5: 310547 9114a0520dfd1ec3f1e8840cc7b209d4
mozilla_1.7.10-0ubuntu05.04.dsc
Size/MD5: 1136 9c2b49a4c6127860bd5873c902df7103
mozilla_1.7.10.orig.tar.gz
Size/MD5: 30583956 46d33c8977831c434759f1f8be8349b9

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

libnspr-dev_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 168066 01ffef9884ce28174557a52f83733ef5
libnspr4_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 140028 c8f9228d7793a031ab73f1f4e690dd3b
libnss-dev_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 184940 0e591f14f97cfce7af277aa7315009d7
libnss3_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 708860 a599ff95ab1687f2769c54bca8a0c920
mozilla-browser_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 10604772 ec3f043c5605adaaa40c53cbee400711
mozilla-calendar_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 403258 d1a734b01463eff486bf73b71c72b95e
mozilla-chatzilla_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 158322 b6adcb39d0eb40d51bc747bbf2dacb65
mozilla-dev_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 3350388 3a4978438779c894f1b2e531127a976a
mozilla-dom-inspector_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 121180 fe31f51e8c1ddce8d00c55a0ffaa0609
mozilla-js-debugger_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 204144 6f30f8a5aab9a79d67010d3d6f30ba2d
mozilla-mailnews_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 1935902 e9237f23592a8210eb455372ce860fc7
mozilla-psm_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 204122 93173df651b43c76a9b9377f098df9a5
mozilla_1.7.10-0ubuntu05.04_amd64.deb
Size/MD5: 1032 126b185c4886fc68a69dec48d0683ee7

i386 architecture (x86 compatible Intel/AMD)

libnspr-dev_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 168064 5a0e70ac2d5e8c98ed086794e142c7b2
libnspr4_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 126702 8415469bef6048d35e37fedd5f3962c6
libnss-dev_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 184954 f9e1e504981b3d82bc4e997b63a87dc6
libnss3_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 638694 74c6379cf3bb2ad963d969d31c501537
mozilla-browser_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 9617280 8b3ab23e5c32f8afd5122d52d8951949
mozilla-calendar_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 403268 61436ebff7bac70672a2fa5ba184fb68
mozilla-chatzilla_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 158324 2d9bdc79894dedd525ec7b51078207a8
mozilla-dev_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 3342872 0fa8ce7b49a5bf9099e876c45d7e294e
mozilla-dom-inspector_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 115828 901524c4341f6e9c187c325823af9995
mozilla-js-debugger_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 204148 a8d9a4a49d53984d8a0b028333cbe0d1
mozilla-mailnews_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 1780858 267c6c6389de344bf71332ea0248ac00
mozilla-psm_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 188192 cbdc25cfb559cf8080f8430251fa5334
mozilla_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 1040 0059e2b4cae42fcce02d9a6e999973fa

powerpc architecture (Apple Macintosh G3/G4/G5)

libnspr-dev_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 168072 ce35aab4bac03e2e597205fa0c07ef7f
libnspr4_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 125410 b9f7aca9a2c1b4a5849f99bf019f545c
libnss-dev_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 184944 cb2727093d228450f2eda33edde7fbc8
libnss3_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 713078 220b0e60522361ae8f004d39412948c1
mozilla-browser_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 9168634 ef5834e1946c772b82dd6556bbbb3b41
mozilla-calendar_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 403272 1d25b0888c9e5f26cddcaf098262ffb2
mozilla-chatzilla_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 158330 0ef7507f9bf5afe90a169aaa6857f041
mozilla-dev_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 3338630 3b1dbdbd8c43564ff5f93dd06ee22670
mozilla-dom-inspector_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 114568 a67a49248469e7f890cd3a91e6248f9a
mozilla-js-debugger_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 204156 6cc870984199c8f9edea55d89333f784
mozilla-mailnews_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 1642886 0569609ed88d459aaad2e83877dea6c1
mozilla-psm_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 175486 d494cff4442b868bc3ec0942c2881e29
mozilla_1.7.10-0ubuntu05.04_powerpc.deb
Size/MD5: 1034 f4c3ac4e8b6e1623dd3b98ca804d5146
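The Size/MD5 pairs above exist so that packages fetched from a mirror can be checked against the signed advisory. The following is an added example (not Ubuntu tooling) that parses lines in exactly that layout and verifies files on disk; the manifest excerpt is copied from the list above, while the download directory, the file layout and the sample file used in the demo are assumptions. Note the caveat: MD5 is no longer collision-resistant, so a matching digest guards against corruption and casual tampering only; the PGP signature on this advisory (and the signed APT archive index) is what actually binds the list to Ubuntu.

```python
"""Verify downloaded packages against the 'name' / 'Size/MD5: size hash'
line pairs of an Ubuntu Security Notice."""
import hashlib
import os
import re

# Excerpt of the advisory's package list, in its exact layout.
MANIFEST_TEXT = """\
mozilla-browser_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 9617280 8b3ab23e5c32f8afd5122d52d8951949
mozilla-mailnews_1.7.10-0ubuntu05.04_i386.deb
Size/MD5: 1780858 267c6c6389de344bf71332ea0248ac00
"""

_SIZE_MD5 = re.compile(r"^Size/MD5:\s+(\d+)\s+([0-9a-f]{32})\s*$")
_ARTIFACT_SUFFIXES = (".deb", ".dsc", ".diff.gz", ".tar.gz")


def parse_manifest(text: str) -> dict:
    """Return {filename: (size, md5)} from consecutive 'name' / 'Size/MD5' lines.
    Headings, blank lines and anything else break the pairing and are ignored,
    so the whole advisory text can be fed in unchanged."""
    manifest, pending = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        m = _SIZE_MD5.match(line)
        if m and pending:
            manifest[pending] = (int(m.group(1)), m.group(2))
            pending = None
        elif line.endswith(_ARTIFACT_SUFFIXES):
            pending = line
        else:
            pending = None
    return manifest


def md5_of_file(path: str) -> str:
    """Stream the file through MD5 so multi-megabyte .debs need not fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_file(path: str, size: int, md5: str) -> str:
    """Return 'ok', 'missing', 'size-mismatch' or 'md5-mismatch'. The size
    check comes first because it is free; a size match alone proves nothing."""
    if not os.path.isfile(path):
        return "missing"
    if os.path.getsize(path) != size:
        return "size-mismatch"
    if md5_of_file(path) != md5:
        return "md5-mismatch"
    return "ok"


def verify_directory(directory: str, manifest: dict) -> dict:
    """Check every manifest entry against directory/filename."""
    return {name: verify_file(os.path.join(directory, name), size, md5)
            for name, (size, md5) in manifest.items()}


if __name__ == "__main__":
    # Assumed download location; every entry will report 'missing' unless the
    # .debs have actually been fetched there.
    for name, state in verify_directory("./usn-155-1", parse_manifest(MANIFEST_TEXT)).items():
        print(f"{state:14} {name}")
```

Only a result of "ok" for every entry means the set is complete and intact; a single "md5-mismatch" should be treated as a reason to discard the whole download, not just the one file, because a tampered mirror would not stop at one package.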

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC5pBCDecnbV4Fd/IRAlG+AJ4sqqXMiDucL79e8ixYwHpkC9GdOACeKoUX
aevsvnlVyh8vYVb8Yvg9wog=
=jOZN
-----END PGP SIGNATURE-----

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
http://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce