Computer Security


Firefox / Opera phishing protection bypass
Published: 06.02.2007
Source:
SecurityVulns ID: 7190
Type: remote
Threat Level: 2/10
Description: Phishing protection can be bypassed by appending a "." character to the hostname or adding an extra "/" after the hostname.
Affected: MOZILLA : Firefox 2.0
 OPERA : Opera 9.10
CVE: CVE-2007-1762 (Mozilla Firefox 2.0.0.1 through 2.0.0.3 does not canonicalize URLs before checking them against the phishing site blacklist, which allows remote attackers to bypass phishing protection via multiple / (slash) characters in the URL.)
 CVE-2007-0802 (Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter.)
 CVE-2006-6971 (Mozilla Firefox 2.0, possibly only when running on Windows, allows remote attackers to bypass the Phishing Protection mechanism by representing an IP address in (1) dotted-hex, (2) dotted-octal, (3) single decimal integer, (4) single hex integer, or (5) single octal integer format, which is not captured by the blacklist filter.)
 CVE-2006-6970 (Opera 9.10 Final allows remote attackers to bypass the Fraud Protection mechanism by adding certain characters to the end of a domain name, as demonstrated by the "." and "/" characters, which is not caught by the blacklist filter.)
Original document: Kanedaaa Bohater, Firefox 2.0.0.1 and Opera 9.10 Anty Fraud/Phishing Protection bypass. (06.02.2007)
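
Added example (not from the original advisory or from either browser's code): a blacklist lookup that canonicalizes the URL first, so the trailing ".", repeated "/" and alternate IPv4 notations listed in the CVE entries above all map to one key. The blocklist entries, the function names and the inet_aton-style parsing rule are assumptions made for illustration; port, query and userinfo are ignored to keep the case narrow.

```python
import re
from urllib.parse import urlsplit

# Constructed blocklist entries (documentation-only names), stored in canonical form.
BLOCKLIST = {"http://phish.example.test/login", "http://192.0.2.1/login"}

def _ip_part(part):
    """One IPv4 component, inet_aton style: 0x.. is hex, a leading 0 is octal."""
    if re.fullmatch(r"0x[0-9a-f]+", part):
        return int(part, 16)
    if re.fullmatch(r"0[0-7]*", part):
        return int(part, 8)
    if re.fullmatch(r"[1-9][0-9]*", part):
        return int(part)
    return None

def canonical_host(host):
    host = host.lower().rstrip(".")            # drop the trailing "." (CVE-2007-0802)
    parts = host.split(".")
    nums = [_ip_part(p) for p in parts]
    if len(parts) > 4 or None in nums:
        return host                            # ordinary DNS name
    *head, last = nums                         # last component fills the remaining bytes
    if any(n > 255 for n in head) or last >= 256 ** (4 - len(head)):
        return host                            # out of range: not an IPv4 literal
    value = last
    for i, n in enumerate(head):
        value |= n << (8 * (3 - i))
    return ".".join(str((value >> s) & 0xFF) for s in (24, 16, 8, 0))

def canonical_url(url):
    u = urlsplit(url)                          # scheme and hostname come back lowercased
    path = re.sub(r"/{2,}", "/", u.path) or "/"  # collapse repeated "/" (CVE-2007-1762)
    return f"{u.scheme}://{canonical_host(u.hostname or '')}{path}"

def is_blocked(url):
    """Blocklist lookup on the canonical form."""
    return canonical_url(url) in BLOCKLIST

def naive_is_blocked(url):
    """Plain string comparison, the uncanonicalized check the CVE text describes."""
    return url in BLOCKLIST

if __name__ == "__main__":
    for url in ("http://phish.example.test./login", "http://phish.example.test//login",
                "http://0xc0.0x0.0x2.0x1/login", "http://0300.0.02.01/login",
                "http://3221225985/login", "http://0xC0000201/login",
                "http://030000001001/login", "http://example.test/login"):
        print(naive_is_blocked(url), is_blocked(url), url)
```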

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod