Jump to content


Time to update Mozilla/Firefox/TB and Ethereal

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 08 July 2004 - 08:18 PM

FYI...from the Internet Storm Center:

- http://isc.sans.org/...date=2004-07-08
Updated July 9th 2004 00:30 UTC
"Mozilla and Firefox Update Fixes Vulnerability
It's time to update your browser, though this time the problem is not with Internet Explorer, but with Mozilla and Firefox running on Windows...a flaw in the way Mozilla and Firefox handled links containing the shell: suffix could allow a malicious web site to run arbitrary code on the visitor's system. We advise you to upgrade to Mozilla 1.7.1 or Firefox 0.9.2 to patch this vulnerability. Alternatively, you may install the patch from http://ftp.mozilla.o.../shellblock.xpi
For more information about this vulnerability and ways of addressing it, please see http://mozilla.org/security/shell.html . This URL also points out that Thunderbird, an email client that's part of the Mozilla suite, is vulnerable, and explains how you can address the Thunderbird vulnerability as well.

Ethereal Update Fixes Vulnerabilities
A recent upgrade to Ethereal, a popular network sniffer, resolves several published vulnerabilities. Since we haven't seen this mentioned on the usual forums, we thought we'd let you know about the update in this note. If you're running Ethereal versions 0.8.15 up to and including 0.10.4, you will probably want to upgrade to version 0.10.5. See http://www.ethereal....a-sa-00015.html for more details..."
.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button