Subscribe: Subscribe to Malware Help. Org Full Post Feed Subscribe to Malware Help. Org Summary Feed

Custom Search
Search more than 150 trusted Websites for related information.

Vulberabilities: ID Theft Vulnerability Haunts Firefox

January 5, 2008 by Shanmuga  
Filed under ID Theft, Vulnerabilities

mho0019-04-jan-08.jpg"Israeli security researcher Aviv Raff has issued a warning for a fairly serious browser vulnerability that exposes Firefox users to identity theft attacks. Raff, a well-respected hacker who regularly reports security problems in software products, discovered a way to use a browser bug to lure Firefox users into entering login credentials into a maliciously rigged dialog box.

Mozilla Firefox displays an authentication dialog, whenever the visited web server returns 401 status code, and the “WWW-Authenticate” header. In order to specify basic authentication, the “WWW-Authenticate” header should have the value [Basic realm="XXX"] (without the brackets). The Realm value, which in this case is XXX, will be displayed in the authentication dialog window." Browsers – ID Theft Vulnerability Haunts Firefox – Ryan Naraine’s Security Watch

  • StumbleUpon
  • Digg
  • del.icio.us
  • Facebook
  • MySpace
  • Google Bookmarks
  • Live
If you enjoyed this post, make sure you subscribe to my RSS feed!

Post to Twitter

Limited Period Offers

Save 10% on Kaspersky AntiVirus 2010 - Coupon Code: KAV10
10% off Spyware Doctor - Coupon Code: pctools10
Get McAfee Total Protection for only $49.99 after $30 off!
Save 25% on a 2 year subscription of avast! 5 Pro Antivirus
Save 50% on ZoneAlarm Internet Security Suite 2010 ...More Offers

You may also like to read

Comments

Everyone has an Opinion...why don't you share yours and oh, if you want a pic to show with your comment, go get a gravatar! or you can even subscribe to our comments feed.

    Note:
  • All fields except the comments field are optional.
  • Real names aren't required, but please give us something to call you. Conversations among several people called "Anonymous" get too confusing.
  • All comments are pre-moderated, and will not appear on this site until approved by the site owner.





Tags

More News, Articles from elsewhere