SecurityFocus

RE: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS) Jun 30 2006 04:51PM
Schmehl, Paul L (pauls utdallas edu)

-----Original Message-----
From: full-disclosure-bounces (at) lists.grok.org (dot) uk [email concealed]
[mailto:full-disclosure-bounces (at) lists.grok.org (dot) uk [email concealed]] On Behalf Of Juha-Matti
Laurio
Sent: Thursday, June 29, 2006 8:08 PM
To: bugtraq (at) securityfocus (dot) com [email concealed]; full-disclosure (at) lists.grok.org (dot) uk [email concealed]
Subject: Re: [Full-disclosure] Browser bugs hit IE, Firefox today (SANS)

The related SANS Internet Storm Center Diary entry is the following:
http://isc.sans.org/diary.php?storyid=1448

This story was updated later on Wednesday to include detailed test results.
Secunia test link included to SA20825 advisory was used.

I have not reproduced it with Firefox 1.5.0.4 in Win XP SP2 and W2K SP4 SF,
for some reason.
Firefox version is localized in my test environment, as well.

Tested on:
Firefox 1.5.0.4 on Mac OS 10.4 - not vulnerable
Firefox 1.5.0.4 on FreeBSD 6.0 (x86) - not vulnerable
Firefox 1.5.0.4 on Windows XP Professional SP2 - not vulnerable
Internet Explorer 6.0.2900.2180.xpsp.050622-1524 on Windows XP Professional
SP2 - vulnerable

Paul Schmehl (pauls (at) utdallas (dot) edu [email concealed])
Adjunct Information Security Officer
University of Texas at Dallas
http://www.utdallas.edu/ir/security/
0? *?H?÷
?0?10 +0? *?H?÷
?Ñ0?0?l¹/`Ì??¡zF ¸[pl?¯0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 2 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
980518000000Z
280801235959Z0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 2 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0?0
*?H?÷
0?§?!t,çð?á?<!ñ?Û?é?üÂ¾_RÈÌ,V,¸i,Ì?°?®yò9Á{?º
,èÂ?,ªié ôÇ©¤BÂ#OJØð¢û1lÉæo?'õæôLx?mëF?ú¹?ÉTò²Ä¯ÔFZÉ0ÿ
lõ-mÎw0
*?H?÷
r.ùÑñqûÄ?öÅ^Q?@?¸hø??Øâ½ÿí¡æfê/ ôÊ×ê¥+?ö$`?MD.?¥Ä- Ó®xiorÚl®ðc?7æ»Ä0wÌI5ªÏØÑ¾·?GsjT"4d-¶?Y[´QY:³
ôßg ô2d^±Fr'?{ÅD´®0?Ø0?A Aì=§?ÄöÕÝÑe0
*?H?÷
0Á10 UUS10U
VeriSign, Inc.1<0:U3Class 2 Public Primary Certification Authority - G21:08U1(c) 1998 VeriSign, Inc. - For authorized use only10UVeriSign Trust Network0
990331000000Z
090330235959Z0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CA0?0
*?H?÷
0?¿êï?ë
Áù"ÁÑÁÌÛzÚ¾6Òp`0`åàS/5ôÉ¨)ÖÞ=ó?d}¾Ñ?Tx?ÿ¢xñû?«Ãü?LÂIA
áÀÒ¥×ü~ÿBQNtóÕhs¥]1øæ)%c¨#?Dj?°9ñïÛFXÃº¸ÏKózÁ¢I??#Cº?2?£¥0¢0
)U"0 ¤010UPrivateLabel1-1400 `?H?øB0DU =0;09`?H?øE0*0(+https://www.verisign.com/RPA0U
0ÿ0U0
*?H?÷
S µÜ²¶?Ñ P?É8yÜÈ²I¿¸S?o?Ì²äz|ü£è_a^_??ZÒ?"ñ¼íñT¶T¦T¡T¼iÇ!7¢?9?§¬ ?è?]?
H9Y?$ C¼??Ü?táæã¾j¤?11#%?¯º,Q?Y¦£?Ò´ÎT0?s0?Ü G?9ðÑõÔ#·]tY_¹ï0
*?H?÷
0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CA0
060627000000Z
070627235959Z0ô1'0%U
The University of Texas System1-0+U$The University of Texas at Dallas CA1F0DU=www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)9910UMail Stop - UTD10UPaul Schmehl1!0 *?H?÷
pauls (at) utdallas (dot) edu0 [email concealed]?0
*?H?÷
0?¬@Â¡l.éí\Ó?î ?¼ð87E«}UU"bÇpo¡Ql½{»?¢1Ö#?$ãºZ/âj
Yè?ÄY§W1(3ë«µþQî¤?`??,$;aÙ!á<&ym BYÍÆñ0At#_{?}õÜ?ÙÇ?û©ùùk?k£?0?0 U00U0pauls (at) utdallas (dot) edu0 [email concealed]?$U ?0?0?`?H?øE0?0++https://www.verisign.com/rpa-
kr0Ò+0ÅÂNOTICE: Private key may be recovered by VeriSign's customer who may be able to decrypt messages you send to certificate holder. Use is subject to terms at https://www.verisign.com/rpa-kr (c)99.0 `?H?øB?0uUn0l0j h f?dhttp://onsitecrl.verisign.com/TheUnive
rsityofTexasSystemTheUniversityofTexasatDallasCA/LatestCRL.crl0U
0U%0++0
*?H?÷
·TÁß¿°òG¢52Çä+Xà®ØM?ïá×À0¾?ØÙ¦YµªÇt¤ë\*V?3Ø÷¤6?Ù!'sK?ø+"TV¸Þ°ý©E:Ý¬Q??IÆº^ÈüÉ?¶¼?·¸]-ê{k?Ã*þ|Ï4ÝùÝ@??.hïC¥0?s0?Ü
T}Ïu,röGH?H?Ã0
*?H?÷
0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CA0
060627000000Z
070627235959Z0ô1'0%U
The University of Texas System1-0+U$The University of Texas at Dallas CA1F0DU=www.verisign.com/repository/CPS Incorp. by Ref.,LIAB.LTD(c)9910UMail Stop - UTD10UPaul Schmehl1!0 *?H?÷
pauls (at) utdallas (dot) edu0 [email concealed]?0
*?H?÷
0?«°øqµxü|¶^03Ëì?°nH
øÕäjæPyê¬I2??R«Ô?LÔ?Á~áô=¤Þ??ç?9êÉ? |êFEg,óW0??º}{9ÙOpÊ§J?>òÝãéín?ÉùR+ï¨sÑ?Ó*c.ÕðwÞ `ÃÎHü¹£?0?0 U00U0pauls (at) utdallas (dot) edu0 [email concealed]?$U ?0?0?`?H?øE0?0++https://www.verisign.com/rpa-
kr0Ò+0ÅÂNOTICE: Private key may be recovered by VeriSign's customer who may be able to decrypt messages you send to certificate holder. Use is subject to terms at https://www.verisign.com/rpa-kr (c)99.0 `?H?øB?0uUn0l0j h f?dhttp://onsitecrl.verisign.com/TheUnive
rsityofTexasSystemTheUniversityofTexasatDallasCA/LatestCRL.crl0U
?0U%0++0
*?H?÷
`¾«?¡ÖúC-8G:½!*À¢±Ï~?s#'ëð"?V?uB¹?=g f?àð.Õ6Çø6QeA^Ë¹/?v}Ý?/ÉfQ.U??©8ö?Ã÷[¼ý:)4qÇY?<Ü¶?5?"Ç=??³Ús72=Õ
&i_{ê?1??0??0ÿ0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CAT}Ïu,röGH?H?Ã0 + ?ò0 *?H?÷
1 *?H?÷
0 *?H?÷
1
060630165134Z0# *?H?÷
1óÏ:¥}e ;÷`a·¼«¶±Á0g *?H?÷
1Z0X0
*?H?÷
0*?H?÷
?0
*?H?÷
@0+0
*?H?÷
(0+0
*?H?÷
0? +?71?0ÿ0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CAG?9ðÑõÔ#·]tY_¹ï0?*?H?÷
1? ÿ0ê1'0%U
The University of Texas System10UVeriSign Trust Network1;09U2Terms of use at https://www.verisign.com/rpa (c)991200U)Class 2 CA - OnSite Individual Subscriber1-0+U$The University of Texas at Dallas CAG?9ðÑõÔ#·]tY_¹ï0
*?H?÷
?a·«lÆýqWi©TÉ'îÿ0¤jWn
Äòà²ÇO3â[co?µ?ËjÅ?f!N©Ô}ÇbÔþ
~Ö²cê±M5)Ð-Ý??»ÂBQÅ?Ö«=¢ðæL»c,Ö·/ÀðdEf G©1ÁWÇ?ùñâ¡ßwGpFaz?C??n,Ó

[ reply ]