FireFox浏览器出现漏洞 用户可遭到钓鱼攻击

2005年01月06日 16:44　太平洋电脑网
开源浏览器Firefox新发现了一个安全漏洞，它可以使到用户遭受钓鱼攻击。安全专家已经披露了这个存在于Mozilla / Mozilla Firefox的漏洞，它会在下载对话框显示假冒来源。原因是浏览器不能正确显示长子域和目录路径，导致下载地址被模糊化，得以欺骗用户。

　　目前，受这个漏洞影响的浏览器包括Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows以及Mozilla Firefox 1.0，而其他版本也存在受影响的可能性。至于解决办法现在还没有出台，但相关服务商承诺会在受影响产品的未来版本对这个漏洞进行修复。

这个“漏洞”是在Secunia的系统里报告的，重要性为“不很重要”。在mozilla的bugzilla系统里也早已报告，具体一点说就是mozilla、firefox的下载管理器中下载文件‘属性’面板宽度有限，所以所下载的东西的地址不能完全显示，因此你看到的“有限宽度”的地址可能是假冒的，但是很简单，只要你在下载的文件的“属性”一栏拖动，就能看到全部地址了。
个人认为这个‘漏洞’不会得到任何修补，因为比较简单。
因此我得建议是：

1。确定下载地址安全
2。查看下载文件属性（下载管理器 下载文件 右键 属性）

测试网页：

https://bugzilla.mozilla.org/attachment.cgi?id=169226
(测试网页的解决方法见附图)

以下原文来自Secunia

-----------------------------
Mozilla / Mozilla Firefox Download Dialog Source Spoofing

Secunia Advisory: SA13599 Print Advisory  
Release Date: 2005-01-04

Critical:
Less critical
Impact: Spoofing
Where: From remote
Solution Status: Unpatched

Software: Mozilla 1.7.x
Mozilla Firefox 1.x

Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it.

Description:
Secunia Research has discovered a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the source displayed in the Download Dialog box.

The problem is that long sub-domains and paths aren't displayed correctly, which therefore can be exploited to obfuscate what is being displayed in the source field of the Download Dialog box.

The vulnerability has been confirmed in Mozilla 1.7.3 for Linux, Mozilla 1.7.5 for Windows, and Mozilla Firefox 1.0. Other versions may also be affected.

Solution:
Do not follow download links from untrusted sources.

Provided and/or discovered by:
Jakob Balle, Secunia Research.

Original Advisory:
Secunia Research:
http://secunia.com/secunia_research/2004-15/advisory/

Other References:
Bugzilla #275417:
https://bugzilla.mozilla.org/show_bug.cgi?id=275417


Please note: The information, which this Secunia Advisory is based upon, comes from third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
--------------------------------

以下为bugzilla 275417 的报告：

Description:  [reply]   Opened: 2004-12-20 12:02 PST

To go along with the download box spoof reported in bug SA12712 Jakob Balle
submits a demonstration to make the download dialog more convincing by obscuring
the software source. The demo takes advantage of the default length truncation
(similar to truncation of the filename in bug 258601). While the dialog /can/ be
resized to see the whole url, most people won't think to do that or even know
it's possible.

－－－－－－－－－－－－－－－－－－－－－－－－－－－－－－

附图为测试网页的解决方法，左边为“phishing”的现象，看上去像是从花旗银行下载的东西，但是鼠标拖动显示全部地址，就看到那些"AAAAAAA...."的东西了。[/code]

虚惊一场

原来有人说过图片属性中图片地址显示也不完全

呵呵,我说的,难道就不能搞成自动换行?