[DM-MUG] New exploit published today - affects Safari and Mozilla
Bryan Baker
dmmug@dmmug.org
Wed, 16 Feb 2005 16:32:59 -0600
Another data point:
http://bob.pythonmac.org/archives/2005/02/07/idn-spoofing-defense-for-safari/
Has a program you can install if you're worried. I've not tested it (or
even downloaded it yet) but it is at least a resource.
On Feb 7, 2005, at 2:13 PM, Bryan Baker wrote:
> Thought I'd give a heads up that an exploit (mentioned today on
> Slashdot):
>
> "East coast hacker con Shmoocon ended today and they had a nasty
> browser exploit to show off... using International Domain Name (IDN)
> character support to display fake domain names in links and the
> address bar. Their examples use Paypal (with SSL too) and this looks
> very useful for phishing attacks. Interesting note that it works in
> every browser *except* IE (which makes this exploit a lot less
> dangerous in the end, I suppose). The reason IE isn't vulnerable is
> because it doesn't natively support IDN; with the right plug-in, it
> too is vulnerable. "
>
> http://it.slashdot.org/article.pl?sid=05/02/07/1323206&tid=172&tid=113&tid=154&tid=95&tid=1
> http://www.shmoo.com/idn/
>
> So, be even more cautious than usual when dealing with email asking
> for anything sensitive.
> As of yet, Apple has had no response; in Mozilla-based browsers it's
> possible to at least disable the behavior that allows this.
>
> --
> Bryan Baker
> President
> Des Moines Macintosh Users Group
> http://www.dmmug.org
> president@dmmug.org
>
--
Bryan Baker
Technology Advocate
Iowa Legal Aid
Suite 230
1111 9th Street
Des Moines, Ia 50314-2527
(515) 243-2151 (x1635)
http://www.iowalegalaid.org
bbaker@iowalaw.org
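The defense the thread points at (the "idn-spoofing-defense-for-safari" tool) amounts to checking a hostname before trusting what the address bar shows. The following is an added example written for this archive page, not code from the thread or from that tool: it converts a hostname to the punycode (xn--) form a resolver would actually look up, and flags labels that contain non-ASCII characters or mix writing systems, which is the pattern the Shmoo demo relied on. The sample hostnames, including one with a Cyrillic "а" in place of the Latin "a", are constructed here for illustration.

```python
"""Flag hostnames whose displayed form relies on IDN characters.

Added example (not from the mailing-list thread): a small check of the
kind a defensive browser plug-in or mail filter could run on a link's
hostname before showing it to the user.
"""
import unicodedata


def to_ascii(host):
    """Return the ASCII (punycode, xn--) form that DNS would resolve.

    Uses the standard library's IDNA codec (IDNA 2003). Input is
    lowercased first so the encoder accepts mixed-case hostnames.
    """
    return host.lower().encode("idna").decode("ascii")


def scripts_in(label):
    """Approximate the Unicode scripts used in one label.

    The script is taken from the first word of each character's Unicode
    name (LATIN, CYRILLIC, GREEK, ...); ASCII letters count as LATIN and
    digits/hyphens are ignored.
    """
    scripts = set()
    for ch in label:
        if ch.isascii():
            if ch.isalpha():
                scripts.add("LATIN")
            continue
        name = unicodedata.name(ch, "UNKNOWN")
        scripts.add(name.split()[0])
    return scripts


def assess(host):
    """Return a dict describing why a hostname looks spoofed, if it does.

    A hostname is reported as suspicious when any label contains
    non-ASCII characters or mixes scripts within a single label, the
    two properties a homograph such as "pаypal" (Cyrillic а) exhibits.
    """
    display = host.lower()
    ascii_form = to_ascii(display)
    reasons = []
    for label in display.split("."):
        if not label.isascii():
            reasons.append("label %r contains non-ASCII characters" % label)
        scripts = scripts_in(label)
        if len(scripts) > 1:
            reasons.append("label %r mixes scripts %s" % (label, sorted(scripts)))
    if ascii_form != display:
        reasons.append("resolves as %s, not as displayed" % ascii_form)
    return {
        "display": host,
        "ascii": ascii_form,
        "suspicious": bool(reasons),
        "reasons": reasons,
    }


if __name__ == "__main__":
    # Constructed samples: a genuine ASCII hostname and a homograph with
    # U+0430 (CYRILLIC SMALL LETTER A) substituted for the first "a".
    for sample in ("www.paypal.com", "www.p\u0430ypal.com"):
        result = assess(sample)
        print(sample, "->", result["ascii"], "suspicious:", result["suspicious"])
        for reason in result["reasons"]:
            print("   ", reason)
```

The check is deliberately conservative: it does not try to decide whether a non-ASCII name is legitimate, only whether what the user sees differs from what DNS will resolve, which is the information a browser's address bar failed to convey in the demo the thread describes.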