[DM-MUG] New exploit published today - affects Safari and Mozilla
Bryan Baker
dmmug@dmmug.org
Mon, 7 Feb 2005 14:13:31 -0600
--Apple-Mail-9-650993399
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
Thought I'd give a heads up that an exploit (mentioned today on
Slashdot):
"East coast hacker con Shmoocon ended today and they had a nasty
browser exploit to show off... using International Domain Name (IDN)
character support to display fake domain names in links and the address
bar. Their examples use Paypal (with SSL too) and this looks very
useful for phishing attacks. Interesting note that it works in every
browser *except* IE (which makes this exploit a lot less dangerous in
the end, I suppose). The reason IE isn't vulnerable is because it
doesn't natively support IDN; with the right plug-in, it too is
vulnerable. "
http://it.slashdot.org/article.pl?sid=05/02/07/
1323206&tid=172&tid=113&tid=154&tid=95&tid=1
http://www.shmoo.com/idn/
So, be even more cautious than usual when dealing with email asking for
anything sensitive.
As of yet, Apple had no response, in Mozilla based browsers it's
possible to at least disable the behavior that allows this.
--
Bryan Baker
President
Des Moines Macintosh Users Group
http://www.dmmug.org
president@dmmug.org
--Apple-Mail-9-650993399
Content-Transfer-Encoding: base64
Content-Type: application/pkcs7-signature;
name=smime.p7s
Content-Disposition: attachment;
filename=smime.p7s
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIGFDCCAs0w
ggI2oAMCAQICAwxWgjANBgkqhkiG9w0BAQQFADBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhh
d3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0EwHhcNMDQwNTE4MjIxNTAxWhcNMDUwNTE4MjIxNTAxWjBCMR8wHQYDVQQD
ExZUaGF3dGUgRnJlZW1haWwgTWVtYmVyMR8wHQYJKoZIhvcNAQkBFhBrYV9rbGlja0BtYWMuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyTYo4QvaEigXA56XKB1W4FeJiLmE+Ff
gTHKohqxmbT2Xw/9csCJNZ8uXO/xWZhyhKnurH0Mhlh9ZmA6KfUT/h3dazjFDS4NoOwWWCltLP7q
Wl+S8Gm3p7TEgw87Jc2Squ+UZL8y03yV/xoSU/HzJGPAlU/anWavlnJCzZlkY/ahicGqDvJJVXBf
qHiiEGeGkubs5sAB5MCLMhE6iKD7L7cdKL71RF89UsnTAqD11ZpvmtRcwPGdP31C2GmH7e74dUdX
s4G1TM5mTczzb57Po7cTTAgE1AAdFh5XVUeB0QctIv5QfgWueaayD3WSI6tmb8r8KsRlI37Tho4f
4Mg4FQIDAQABoy0wKzAbBgNVHREEFDASgRBrYV9rbGlja0BtYWMuY29tMAwGA1UdEwEB/wQCMAAw
DQYJKoZIhvcNAQEEBQADgYEAlS7gkNLRhyPGw1XnwdIpNqfHx2nctR5DZZyHAMdsE2lsmtBaZkuY
ogZnMHoV9YJCdWx6m95LUziIqTUbBcoEnGwDTxhfEBh6iAJQ7pJgHKzYkynSznacm0eAy2EeTO0X
nadcKenL0nhcN5nj5vi2MfYpXzL1VxfF4ZNmzOsoocwwggM/MIICqKADAgECAgENMA0GCSqGSIb3
DQEBBQUAMIHRMQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlD
YXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0
aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQwIgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwg
Q0ExKzApBgkqhkiG9w0BCQEWHHBlcnNvbmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNMDMwNzE3
MDAwMDAwWhcNMTMwNzE2MjM1OTU5WjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENv
bnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElz
c3VpbmcgQ0EwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSmPFVzVftOucqZWh5owHUEcJ3f
6f+jHuy9zfVb8hp2vX8MOmHyv1HOAdTlUAow1wJjWiyJFXCO3cnwK4Vaqj9xVsuvPAsH5/EfkTYk
KhPPK9Xzgnc9A74r/rsYPge/QIACZNenprufZdHFKlSFD0gEf6e20TxhBEAeZBlyYLf7AgMBAAGj
gZQwgZEwEgYDVR0TAQH/BAgwBgEB/wIBADBDBgNVHR8EPDA6MDigNqA0hjJodHRwOi8vY3JsLnRo
YXd0ZS5jb20vVGhhd3RlUGVyc29uYWxGcmVlbWFpbENBLmNybDALBgNVHQ8EBAMCAQYwKQYDVR0R
BCIwIKQeMBwxGjAYBgNVBAMTEVByaXZhdGVMYWJlbDItMTM4MA0GCSqGSIb3DQEBBQUAA4GBAEiM
0VCD6gsuzA2jZqxnD3+vrL7CF6FDlpSdf0whuPg2H6otnzYvwPQcUCCTcDz9reFhYsPZOhl+hLGZ
GwDFGguCdJ4lUJRix9sncVcljd2pnDmOjCBPZV+V2vf3h9bGCE6u9uo05RAaWzVNd+NWIXiC3CEZ
Nd4ksdMdRv9dX2VPMYIC5zCCAuMCAQEwaTBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl
IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWls
IElzc3VpbmcgQ0ECAwxWgjAJBgUrDgMCGgUAoIIBUzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
MBwGCSqGSIb3DQEJBTEPFw0wNTAyMDcyMDEzMzJaMCMGCSqGSIb3DQEJBDEWBBT2BNxnkOi3u3jy
FLXPsduti/EQnzB4BgkrBgEEAYI3EAQxazBpMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3
dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1h
aWwgSXNzdWluZyBDQQIDDFaCMHoGCyqGSIb3DQEJEAILMWugaTBiMQswCQYDVQQGEwJaQTElMCMG
A1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNv
bmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECAwxWgjANBgkqhkiG9w0BAQEFAASCAQBtAaUE/Ng+Y3Bq
IiivvQVnot9FByL0NcN8C465yijp9to0J+d/IV0OTDfPYR3KuCM2oJ0Zo6Tyt2Qed6MBHU/40tGV
ZkijvXMUo3ZVogQC8/jqz2YwrT2Snq8WkmZP3wVpXw9awHLdbjC0SjS7lerCPeEfv3bTdvKlQeD6
51aTGzYxlSGTSbq2Q+38yL6SgM1naUhG6z8Gd6eM1raI1vKDQwo5IvzXruCQsUFPQW7X/V3xvoyE
YafVLwcZNVOEpIp7DMhISS7P3q+/B1FYLEMs9mlhXVwwJWA3016DLp5INSSLhYzMXAScOsEk0vz+
AJFT2kYpaoEbyuevhr+QVQzMAAAAAAAA
--Apple-Mail-9-650993399--