Intrusion Prevention

Mozilla.Browsers.IDN.Spoofing

Description

This indicates an attempted phishing attack in Mozilla browser, when IDN is supported. It allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates.

Affected Products

Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6

Impact

Privilege escalation.

Recommended Actions

Fedora Legacy advisory FLSA:178606 is available.
Mozilla Firefox Preview Release
Mozilla firefox-1.0.1-source.tar.bz2
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.1/source/f irefox-1.0.1-source.tar.bz2
Mozilla Firefox 0.9 rc
Mozilla firefox-1.0.1-source.tar.bz2
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.1/source/f irefox-1.0.1-source.tar.bz2
Mozilla Firefox 0.9.1
Mozilla firefox-1.0.1-source.tar.bz2
http://ftp.mozilla.org/pub/mozilla.org/firefox/releases/1.0.1/source/f irefox-1.0.1-source.tar.bz2
Mozilla Browser 1.7
Slackware gaim-1.2.0-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ gaim-1.2.0-i486-1.tgz
Slackware gaim-1.2.0-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ gaim-1.2.0-i486-1.tgz
Slackware mozilla-1.7.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ mozilla-1.7.6-i486-1.tgz
Slackware mozilla-1.7.6-i486-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ mozilla-1.7.6-i486-1.tgz
Slackware mozilla-plugins-1.7.6-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/ mozilla-plugins-1.7.6-noarch-1.tgz
Slackware mozilla-plugins-1.7.6-noarch-1.tgz
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/ mozilla-plugins-1.7.6-noarch-1.tgz
Apple Mac OS X 10.3.8
Apple SecUpd2005-003Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05529&plat form=osx&method=sa/SecUpd2005-003Pan.dmg
Apple Mac OS X Server 10.3.8
Apple SecUpdSrvr2005-003Pan.dmg
http://wsidecar.apple.com/cgi-bin/nph-reg3rdpty1.pl/product=05530&plat form=osx&method=sa/SecUpdSrvr2005-003Pan.dmg

CVE References

CVE-2005-0233