[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060922154148.GH6015@piware.de>
Date: Fri, 22 Sep 2006 17:41:48 +0200
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-351-1] firefox vulnerabilities
===========================================================
Ubuntu Security Notice USN-351-1 September 22, 2006
firefox vulnerabilities
CVE-2006-4253, CVE-2006-4340, CVE-2006-4565, CVE-2006-4566,
CVE-2006-4567, CVE-2006-4568, CVE-2006-4569, CVE-2006-4571
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
firefox 1.5.dfsg+1.5.0.7-ubuntu0.6.06
libnss3 1.5.dfsg+1.5.0.7-ubuntu0.6.06
After a standard system upgrade you need to restart Firefox to effect
the necessary changes.
Please note that Firefox 1.0.8 in Ubuntu 5.10 and Ubuntu 5.04 are also
affected by these problems. Updates for these Ubuntu releases will be
delayed due to upstream dropping support for this Firefox version. We
strongly advise that you disable JavaScript to disable the attack
vectors for most vulnerabilities if you use one of these Ubuntu
versions. An update is currently in progress.
Details follow:
Various flaws have been reported that allow an attacker to execute
arbitrary code with user privileges by tricking the user into opening
a malicious web page containing JavaScript. (CVE-2006-4253,
CVE-2006-4565, CVE-2006-4566, CVE-2006-4568, CVE-2006-4569
CVE-2006-4571)
The NSS library did not sufficiently check the padding of PKCS #1 v1.5
signatures if the exponent of the public key is 3 (which is widely
used for CAs). This could be exploited to forge valid signatures
without the need of the secret key. (CVE-2006-4340)
Jon Oberheide reported a way how a remote attacker could trick users
into downloading arbitrary extensions with circumventing the normal
SSL certificate check. The attacker would have to be in a position to
spoof the victim's DNS, causing them to connect to sites of the
attacker's choosing rather than the sites intended by the victim. If
they gained that control and the victim accepted the attacker's cert
for the Mozilla update site, then the next update check could be
hijacked and redirected to the attacker's site without
detection. (CVE-2006-4567)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06.diff.gz
Size/MD5: 177969 b449a4273730b70a6364fc7977f32947
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06.dsc
Size/MD5: 1113 f66f89a240cf04e424268682b18b274d
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7.orig.tar.gz
Size/MD5: 43116523 025ca9a48809d142dd4817e396157afa
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/mozilla-firefox-dev_1.5.dfsg+1.5.0.7-ubuntu0.6.06_all.deb
Size/MD5: 49518 5e0b78c4ac74bee3eb1619bdb5e73dcf
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/mozilla-firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06_all.deb
Size/MD5: 50408 4301f74c782bedd5fdae77a8718c9e84
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 47330950 1a10494ee3d4d0a4194c9f2615648829
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 2798556 010d95da3e0f36228f7020f64a82d8db
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 216456 d2e78ea968f19f7402c6e07f810ac523
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 82684 19d45ae80a1c181dc6e3e6d4f9b13d0c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 9413980 f7dc5d3650a940520ccb5be0cdad3f2b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 219138 6eecd17ccbad3377599eb5247888d47f
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 162186 73136a6353d5e146bccc4f496f0dd9a1
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 236042 4d0185a1415e236448d9f80a33749710
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_amd64.deb
Size/MD5: 757866 8278b72cad3ec0202ecae39c4fd2a354
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 43897500 d1dc2c78dcc2fefcc2136e635c41ea6a
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 2798572 179ae6b21807bf882869fc1f4cceff26
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 209870 c30fa91cb895288c8516c4357c6eca36
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 75046 a2baf77d367ecdfd0ee4233d400500d6
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 7925372 78da19e304788b40754f86d85af967d2
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 219134 8205349eb31b90734a23c2dd539e7e87
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 146884 d4f4e5ae7f467d385bb84b7923930ce5
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 236030 1ab463b215d7fb0841b8d987622d188c
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_i386.deb
Size/MD5: 669986 c0304f2bb316757ffee0442f80a418be
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 48710170 b6a71933d6f85397bece7d2aceb4f475
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 2798592 b2bb02ac4934c861ce7f1b2f7d7baa12
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 213326 c1c760c5cb1e503d007f8885ca162915
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 78222 1e43582487c4bbfa7e4bafcfe7ae1fc7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 9025586 f4bfe2070a79223bd4453f9c833749ae
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 219150 240f9503290c98f62fb653c8120d5724
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 159436 fb6c4dcc82eed00b3f9ec92b91195db7
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 236030 bd3560a6324ed389e92f7e629d5682f0
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_powerpc.deb
Size/MD5: 768752 a7c309bf5b9770cc075717d02a4eac54
sparc architecture (Sun SPARC/UltraSPARC)
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dbg_1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 45291390 a05989e31edd036826441e486408f011
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-dev_1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 2798644 987b4fd5f256cf43dba88156e006a063
http://security.ubuntu.com/ubuntu/pool/universe/f/firefox/firefox-dom-inspector_1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 210824 c87de0ce847db60238862081d1fc8820
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox-gnome-support_1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 76674 e8d2eb757a497a5778d7a080bb3b5442
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 8421340 5ce31d58ab07114b140acd2322ae3ddd
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 219148 e570f55a3a1170bea76bb4c3fffd5b67
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnspr4_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 149380 4f7c86cd49ff77bae0b2ba3acefa97c9
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss-dev_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 236060 a3b585f43927607d8743b9c413ef0a5b
http://security.ubuntu.com/ubuntu/pool/main/f/firefox/libnss3_1.firefox1.5.dfsg+1.5.0.7-ubuntu0.6.06_sparc.deb
Size/MD5: 682100 ceb5f2de5ae6f6ede05f097eee4f6a72
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists