Several Browsers Affected by Man-in-the-Middle Vulnerability

News

Contributed by: Lauren Gerber
Date: August 3, 2009

	3 Vote 0	Several Browsers Affected by Man-in-the-Middle Vulnerability

If you won the lottery tomorrow and decided to buy a new computer, you would probably want to get the very best computer that money can buy. Getting a computer with the best and latest features would not be hard to pull off, if you had enough money. There is one thing that money can't buy though, and that is a vulnerability free online world. No matter which computer you are using and no matter which software you have, eventually some type of vulnerability will emerge. Having said that, it was found that multiple browsers are vulnerable to a web proxy redirect handling, man in the middle attack.

Different versions of many different browsers are vulnerable to this vulnerability. One of the vulnerable browsers include Mozilla Firefox version 3.0.10 and prior. This includes Mozilla Firefox 2 that contains these files: nsXmlRpcClient.js as well as nsSetDefaultBrowser.js. Other affected browsers include the Opera Browser as well as the Apple Safari browser.

Let me tell you how dangerous this vulnerability is. Basically malicious online attackers could take complete advantage of this vulnerability and perform phishing attacks. This could then lead to the attackers getting their dirty hands on all your confidential information. If they are able to get all your personal information, the consequences may be disastrous. But, in order to take advantage of this vulnerability, there is a catch. The catch is that an attacker would have to be able to control the traffic of the network.

Some web browser which are affected:

The Mozilla Firefox browser prior to 3.0.10

The Apple Safari browser prior to 3.2.2

The Opera browser prior to 9.25

Table 1. Affected web browsers

In order for malicious online attacker to be able to control the network traffic or alternatively intercept it, a few methodologies will be necessary. These specific methodologies include DNS poisoning as well as man in the middle attacks. Tools are readily available on the internet, to help attackers efficiently exploit this vulnerability. The solution to this vulnerability is for users to apply the relevant updates. I would thus like to leave you with a quote in conclusion:"You can't defend. You can't prevent. The only thing you can do is detect and respond".-Bruce Schneier

Resources:
Description of man-in-the-middle vulnerability
Information about the browser vulnerability
Bruce Schneider on man-in-the-middle attacks

User Comments

greg August 4, 2009

i think the browsers that are listed as being affected should have a release date associated with them. i know that opera 9.25 is fairly old at this point, and if it was fixed after that, it's worth putting out a date at which it was fixed. or, that the affected version was released. i can't speak for firefox or safari on this point - don't use them much, or at all (respectively...).

Featured Videos

Modify hosts file

From: PC1News Videos

Added: June 13, 2009

Software Downloads

SpyHunter V.3

Free Spyhunter Scanner (Spyware/Trojan Detection). DETECT Spyware, Trojans, Worms, Viruses and malware on your PC absolutely FREE.

Download now

Registry Mechanic 8

Award Winning software, Fixes registry and improves computer performance. Created by a division of Symantec, this tool will scan your registry and find errors that can be later cleaned either individually or all together.

Download now

SpywareBlaster 4.1

The tool is used to prevent the installation of spyware and other potentially unwanted software. As soon as you download it, you will be able to protect your system.

Download now