Brandon Posted December 7, 2005

An exploit for the new Firefox 1.5 browser was released today that causes a denial of service condition using a simple web page as a trigger.

The heart of the problem lies with the history.dat file that Firefox creates, according to a posting on Packet Storm. The exploit creates a very large entry which Firefox then saves into the history.dat file. This causes the browser to crash the next time it is opened, and each time after that until the history.dat file is deleted from the system.

The author of the exploit points out that average users may have difficulty figuring out this fix, preventing browser use and effectively creating a denial of service condition. In the past there have been debates over browser bugs and if they are truly denial of service attacks - today’s bug is sure to rekindle these arguments.

The final line of the exploit description warns that code execution is a possibility with some modifications to the sample exploit.
CurlingSteve Posted December 7, 2005 (edited)

It's not a big deal.
Just delete History.dat in your profile folder.
And it doesn't appear to be crashing everyone.
I had to work hard to crash mine.

Firefox - Buffer Overflow Exploit
Bug 319004

Edited December 7, 2005 by CurlingSteve
Brandon Posted December 8, 2005

The weakness is caused due to an error in the handling of large history information. This can be exploited to fill the history file "history.dat" with large history information by tricking a user into visiting a malicious web site with an overly large title (e.g. set via JavaScript).

Successful exploitation causes the browser to consume a large amount of CPU and memory resources on a vulnerable system when the affected browser is started up again after an attack. Users may have to remove the "history.dat" file in order to be able to use the affected browser.

The weakness has been confirmed in version 1.5. Other versions may also be affected.

Solution:
Configure Firefox to clear history information when closing the browser. This affects functionality.
Tools -> Options... --> Privacy --> Settings...
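The recovery step described in this thread (removing history.dat while the browser is closed) can be scripted for an admin checking many profiles. The following is an added example, not part of any post and not Firefox code; the two thresholds, the `profiles_root` argument and the `.quarantined-` suffix are assumptions chosen for illustration.

```python
import os
import time

# Assumed limits; the thread gives no sizes, so tune these for your environment.
MAX_FILE_BYTES = 5 * 1024 * 1024
MAX_LINE_BYTES = 64 * 1024


def longest_line(path, chunk_size=65536):
    """Longest line in bytes, read in chunks so an oversized file
    is never loaded into memory in one piece."""
    longest = current = 0
    with open(path, "rb") as fh:
        while True:
            chunk = fh.read(chunk_size)
            if not chunk:
                break
            parts = chunk.split(b"\n")
            current += len(parts[0])      # continues the line from the last chunk
            for part in parts[1:]:        # each later part starts a new line
                longest = max(longest, current)
                current = len(part)
    return max(longest, current)


def find_suspect_history(profiles_root, max_file=MAX_FILE_BYTES,
                         max_line=MAX_LINE_BYTES):
    """Return [(path, size, longest_line)] for history.dat files over either limit."""
    suspects = []
    for dirpath, _dirs, files in os.walk(profiles_root):
        for name in files:
            if name.lower() != "history.dat":   # the thread uses both spellings
                continue
            path = os.path.join(dirpath, name)
            size = os.path.getsize(path)
            line = longest_line(path)
            if size > max_file or line > max_line:
                suspects.append((path, size, line))
    return suspects


def quarantine(path):
    """Rename rather than delete so the file can still be examined.
    Run only while Firefox is closed."""
    target = "%s.quarantined-%d" % (path, int(time.time()))
    os.rename(path, target)
    return target
```

Firefox creates a fresh history.dat on the next start once the old file has been moved aside.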
Brandon Posted December 12, 2005

The patch is expected to be released early next year and the users of the Mozilla Firefox 1.5 browsers would get it through the integrated auto-update mechanism. The patch would be included in the next regularly scheduled stability build of Firefox. This means that the next updated version is expected to arrive by late January or early February.