Vulberabilities: ID Theft Vulnerability Haunts Firefox

January 5, 2008 by Shanmuga
Filed under ID Theft, Vulnerabilities

"Israeli security researcher Aviv Raff has issued a warning for a fairly serious browser vulnerability that exposes Firefox users to identity theft attacks. Raff, a well-respected hacker who regularly reports security problems in software products, discovered a way to use a browser bug to lure Firefox users into entering login credentials into a maliciously rigged dialog box.

Mozilla Firefox displays an authentication dialog, whenever the visited web server returns 401 status code, and the “WWW-Authenticate” header. In order to specify basic authentication, the “WWW-Authenticate” header should have the value [Basic realm="XXX"] (without the brackets). The Realm value, which in this case is XXX, will be displayed in the authentication dialog window." Browsers – ID Theft Vulnerability Haunts Firefox – Ryan Naraine’s Security Watch

If you enjoyed this post, make sure you subscribe to my RSS feed!

Comments

Everyone has an Opinion...why don't you share yours and oh, if you want a pic to show with your comment, go get a gravatar! or you can even subscribe to our comments feed.

Note:

_{All fields except the comments field are optional.}
_{Real names aren't required, but please give us something to call you. Conversations among several people called "Anonymous" get too confusing.}
_{All comments are pre-moderated, and will not appear on this site until approved by the site owner.}

Vulberabilities: ID Theft Vulnerability Haunts Firefox

Comments

Sponsors

Featured Video

Security Software

Online Scanners

Topics

Translate

Advertisement

Recent Posts

Advertisement

Articles

Advertisement

Vulberabilities: ID Theft Vulnerability Haunts Firefox

You may also like to read

Comments

Tags

More News, Articles from elsewhere

Sponsors

Featured Video

Security Software

Online Scanners

Topics

Translate

Advertisement

Recent Posts

Advertisement

Articles

Advertisement