Detections
Analytics
FreeBSD : mozilla -- 'Wrapped' javascript: urls bypass security checks (a81746a1-c2c7-11d9-89f7-02061b08fc24)
high Nessus Plugin ID 19070
Synopsis
The remote FreeBSD host is missing one or more security-related updates.Description
A Mozilla Foundation Security Advisory reports :Some security checks intended to prevent script injection were incorrect and could be bypassed by wrapping a javascript: url in the view-source : pseudo-protocol. Michael Krax demonstrated that a variant of his favicon exploit could still execute arbitrary code, and the same technique could also be used to perform cross-site scripting.
Georgi Guninski demonstrated the same flaw wrapping javascript: urls with the jar: pseudo-protocol.
L. David Baron discovered a nested variant that defeated checks in the script security manager.
Workaround: Disable JavaScript
Solution
Update the affected packages.See Also
https://www.mozilla.org/en-US/security/advisories/mfsa2005-43/
Plugin Details
Severity: High
ID: 19070
File Name: freebsd_pkg_a81746a1c2c711d989f702061b08fc24.nasl
Version: 1.18
Type: local
Family: FreeBSD Local Security Checks
Published: 7/13/2005
Updated: 1/6/2021
Supported Sensors: Nessus
Vulnerability Information
CPE: p-cpe:/a:freebsd:freebsd:de-linux-mozillafirebird, p-cpe:/a:freebsd:freebsd:de-linux-netscape, p-cpe:/a:freebsd:freebsd:de-netscape7, p-cpe:/a:freebsd:freebsd:el-linux-mozillafirebird, p-cpe:/a:freebsd:freebsd:firefox, p-cpe:/a:freebsd:freebsd:fr-linux-netscape, p-cpe:/a:freebsd:freebsd:fr-netscape7, p-cpe:/a:freebsd:freebsd:ja-linux-mozillafirebird-gtk1, p-cpe:/a:freebsd:freebsd:ja-linux-netscape, p-cpe:/a:freebsd:freebsd:ja-mozillafirebird-gtk2, p-cpe:/a:freebsd:freebsd:ja-netscape7, p-cpe:/a:freebsd:freebsd:linux-firefox, p-cpe:/a:freebsd:freebsd:linux-mozilla, p-cpe:/a:freebsd:freebsd:linux-mozilla-devel, p-cpe:/a:freebsd:freebsd:linux-mozillafirebird, p-cpe:/a:freebsd:freebsd:linux-netscape, p-cpe:/a:freebsd:freebsd:linux-phoenix, p-cpe:/a:freebsd:freebsd:mozilla, p-cpe:/a:freebsd:freebsd:mozilla%2bipv6, p-cpe:/a:freebsd:freebsd:mozilla-embedded, p-cpe:/a:freebsd:freebsd:mozilla-firebird, p-cpe:/a:freebsd:freebsd:mozilla-gtk, p-cpe:/a:freebsd:freebsd:mozilla-gtk1, p-cpe:/a:freebsd:freebsd:mozilla-gtk2, p-cpe:/a:freebsd:freebsd:mozilla-thunderbird, p-cpe:/a:freebsd:freebsd:netscape7, p-cpe:/a:freebsd:freebsd:phoenix, p-cpe:/a:freebsd:freebsd:pt_br-netscape7, p-cpe:/a:freebsd:freebsd:ru-linux-mozillafirebird, p-cpe:/a:freebsd:freebsd:zhcn-linux-mozillafirebird, p-cpe:/a:freebsd:freebsd:zhtw-linux-mozillafirebird, cpe:/o:freebsd:freebsd
Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info
Patch Publication Date: 5/12/2005
Vulnerability Publication Date: 5/11/2005