Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

Vulberabilities: ID Theft Vulnerability Haunts Firefox

by Shanmuga| Tweet This | Google +1 | Facebook | Stumble It | Reddit | Digg |

mho0019-04-jan-08.jpg"Israeli security researcher Aviv Raff has issued a warning for a fairly serious browser vulnerability that exposes Firefox users to identity theft attacks. Raff, a well-respected hacker who regularly reports security problems in software products, discovered a way to use a browser bug to lure Firefox users into entering login credentials into a maliciously rigged dialog box.

Mozilla Firefox displays an authentication dialog, whenever the visited web server returns 401 status code, and the “WWW-Authenticate” header. In order to specify basic authentication, the “WWW-Authenticate” header should have the value [Basic realm=”XXX”] (without the brackets). The Realm value, which in this case is XXX, will be displayed in the authentication dialog window." Browsers – ID Theft Vulnerability Haunts Firefox – Ryan Naraine’s Security Watch

{ 0 comments… add one now }

Leave a Comment

Previous post:

Next post: