  1. #1
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530

  2. #2
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    yeah this is a flaw from 2001

  3. #3
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530
    And they still haven't found a fix for it?

  4. #4
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530
    You can test your system to see if it is vulnerable here:
    http://secunia.com/multiple_browsers_idn_spoofing_test/

  5. #5
    MasterMike HardwareGeek's Avatar
    Join Date
    January 18th, 2005
    Posts
    3,810
    It really isn't a flaw.
    If they fix it they will render domains that use those special characters useless.

  6. #6
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530
    I don't know much about it, just read about it in the Warriors forum where people
    there made it sound like it was serious, and I know a lot of people are switching
    to Firefox so thought it would be of interest. On the pcdoctor site it says:

    "A flaw in the browsers Mozilla and Firefox has been found that can be used to redirect the browser to an alternate web location other than what appears to be in the address bar by a malicious website."

    Could something like this be used by someone to make it look like you are on, say
    the Paypal or Citibank site, in your address bar but you really are not? That's kind
    of what it sounds like to me.

  7. #7
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530
    Also, someone on the Warriors Forum said that Firefox is currently working on a
    fix for this. Whether they know what they are talking about or not, I have no idea.

  8. #8
    ABW Ambassador
    Join Date
    January 17th, 2005
    Posts
    530
    Someone on the Warriors Forum has posted a temporary fix for this problem, I'll just
    copy and paste it below:
    *****

    Hello Warriors...

    I came across some good info that worked for me:

    Until they come out with a true fix there is a workaround by disabling IDN support:

    To do this, you will have to edit compreg.dat, which is located in your Firefox profile directory.

    For Windows
    c:\Documents and Settings\$USER\Application Data\Mozilla\Firefox\Profiles\default.random\compreg.dat

    Open this file with a text editor which understands the line endings in it, such as Wordpad (or your favourite text editor on other platforms)

    Use the FIND command to comment out the 2 lines containing IDN by adding # at the start of the line.

    Example:

    # @mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}

    Removing the lines and restarting the browser makes the attack fail regardless of changes made in about:config

    PLEASE NOTE that you will have to repeat this edit if you install any themes or extensions, as compreg.dat gets regenerated.

    Hope this helps.

    -Dave

    Just remember this is a workaround until a fix is officially issued... and if you install any themes or extensions you'll have to repeat the process since compreg.dat gets regenerated.
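
The compreg.dat edit described in the post above, sketched as an added example (not part of the original thread and not Mozilla's code). The function names are hypothetical, the case-insensitive match on "idn" is an assumption, and every sample line except the contract-ID entry quoted in the post is constructed.

```python
import shutil
from pathlib import Path

def disable_idn_lines(data: bytes):
    """Prefix '# ' to each uncommented line mentioning IDN.

    Works on bytes and keeps every line ending exactly as found, since the
    post warns that the editor must understand the file's line endings.
    Returns (patched_bytes, 1-based numbers of the lines that were changed).
    """
    out, changed = [], []
    for number, line in enumerate(data.splitlines(keepends=True), start=1):
        already_commented = line.lstrip().startswith(b"#")
        # Assumption: a case-insensitive match on "idn" finds both entries.
        if b"idn" in line.lower() and not already_commented:
            out.append(b"# " + line)
            changed.append(number)
        else:
            out.append(line)
    return b"".join(out), changed

def patch_file(path):
    """Patch compreg.dat in place, keeping a .bak copy; safe to re-run."""
    target = Path(path)
    patched, changed = disable_idn_lines(target.read_bytes())
    if changed:
        shutil.copy2(target, target.with_name(target.name + ".bak"))
        target.write_bytes(patched)
    return changed

# Constructed sample: only the first entry is quoted from the post above.
SAMPLE = (
    b"@mozilla.org/network/idn-service;1,{62b778a6-bce3-456b-8c31-2865fbb68c91}\r\n"
    b"@example.invalid/unrelated;1,{00000000-0000-0000-0000-000000000000}\r\n"
    b"constructed-second-entry-mentioning-IDN\n"
    b"# constructed-entry-mentioning-IDN-already-commented\n"
)

if __name__ == "__main__":
    patched, changed = disable_idn_lines(SAMPLE)
    print("lines commented out:", changed)
    print(patched.decode("ascii"), end="")
```

Because the function skips lines that are already commented, it can be re-run each time compreg.dat is regenerated; review the returned line numbers before restarting the browser, since the substring match may hit more than the two intended entries.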

  9. #9
    ABW Veteran Mr. Sal's Avatar
    Join Date
    January 18th, 2005
    Posts
    6,795
    Thanks for that post Dave.

    I don't use Firefox, but I installed Firefox last month to try it and I didn't like it so I thought that when I used the Add/Remove Programs in Windows to remove it, that it was totally gone from my computer.

    Today when I read your post I decided to search for compreg.dat on my HD and found that it was there, along with 87 other files in 7 folders for a total of 7.3 MB of data that I don't need on my HD.

    Every time that I remove a program from my computer, I like to remove all traces of that program but, I guess I missed that one.

    Thanks.

    Sal.

  10. #10
    ABW Adviser Panel Dynamoo's Avatar
    Join Date
    January 18th, 2005
    Location
    Opposite the Slough of Despond
    Posts
    5,465
    It's a bit of a stupid flaw that, but both Mozilla/Firefox and Opera are vulnerable because they're implementing a web standard - Microsoft don't give a stuff about standards and aren't vulnerable.

    I think the score is: Internet Explorer - 2, Firefox - 478.

    This is primarily useful as a phishing attack, and I think the bottom line is that phishermen will always keep trying new things. The only safe thing to do when you want to visit your bank, PayPal, eBay etc. is to type the URL directly into the address bar.
    Innovative advertising with Slimeware Corporation and Telephore. Mail-order fuel with Petrol Direct.
