Two Flaws Similarly Affect IE and Firefox
In a rather unusual incident, the two most frequently used browsers worldwide have simultaneously been found to have flaws that affect them in the same fashion. One flaw affects Internet Explorer version 6 and perhaps 7 too, and the other affects Firefox 1.5/2.0.
The vulnerabilities rest in the browser functionality that connects to a different server in order to upload files there. The attack works when a victim browses a booby-trapped website and enters text containing certain characters in a comment interface or other input area.
If an attacker can convince the user to enter the appropriate characters, he can, by exploiting the design flaws, send certain keystrokes to a different application. Attackers could use typing-intensive tools such as keyboard-based games and commenting interfaces to gather a user's text and transmit keystrokes to a remote application. According to GNUCitizen.org, the flaws could also affect the Opera browser.
The required user interface can minimize the impact to some extent. But on a website that accepts a reasonable amount of user text, such as a keyboard-controlled web game, a commenting interface, or a blog posting, one can exploit the flaws and succeed with one user or another, said researcher Michal Zalewski in a posting to the Full Disclosure security mailing list.
After investigating the vulnerabilities, researcher Petko D. Petkov said, in a news report for The Register, that similar techniques make it easy to reveal more sensitive files, for instance C:\WINDOWS\system32\config\SAM on Windows or /etc/passwd on Unix-based computers.
Microsoft is investigating the report, said a company spokesman. The Microsoft security team's initial results match the report, particularly where an attacker who knows the location of a given file could gain access to user files, provided the attacker is able to convince the victim to type the location of that file into a website.
Two separate demonstrations, one for IE and one for Firefox, show how the vulnerabilities work: the user types a message, and the page then displays the Windows user's boot.ini file. Now the wait is to see who will deliver a patch first, Microsoft or Mozilla.
» SPAMfighter News - 23-02-2007