|
-
February 7th, 2006, 08:31 PM
#1
Fifrefox Exploit
OK, it has just been too quiet on here today for new security news, so I thought I should shake things up!
I just received a Beta exploit for the Firefox vulnerability annouced here back on Feb. 1st. The exploit is for the Metasploit framework and is not yet published on their site. This is straight from the exploit code:
This module exploits a code execution vulnerability in the Mozilla Firefox browser. To reliably exploit this vulnerability, we need to fill almost a gigabyte of memory with our nop sled and payload. This module has been tested on Gentoo Linux with the stock mozilla-firefox 1.5.0.0 package.
It's patching time! 
BTW - I did notice that the SANS ISC is aware of this.
-Deeboe
******* EDIT *******
D'oh! I just noticed how I spelled Firefox on the title of the thread. Sorry. 
If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.
- Sun Tzu, The Art of War 
http://tazforum.**********.com/
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote