Browser Security Pack
May. 09, 2005, 09:34 AM
Post: #271
 
Thanks!!!

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?
May. 17, 2005, 03:45 AM
Post: #272
 
I'm finding that the "Prevent file access [Siamesecat] {Modified by Kye-U}" filter from 4.33 is firing repeatedly at numerous places on http://bestbuy.com/ .
Jun. 02, 2005, 11:55 AM
Post: #273
 
Hi Kye-U and all, there's a nasty little vulnerability involving images set to humongous sizes that can crash not only Mozilla, but sometimes your computer as well, according to this:
Bugzilla Bug296061
It's also being discussed over at Mozillazine forums: link to second page of thread, because the first page is, well, not too informative.

example of the html for the image:
Code:
<HTML>
  <BODY>
    <IMG SRC="./imagecrash.jpg" width="9999999" height="9999999">
  </BODY>
</HTML>
While it looks like the most recent nightlies are not vulnerable, those of us who are using the most recent release (Mozilla Suite 1.7.8, here) are out of luck.

I don't know if other browsers are vulnerable (to be honest, I don't feel like testing them!)

Any chance of a filter to stop this? One of the posters at Mozillazine pointed out this GreaseMonkey (extension) script that's supposed to work -- MaxImageSize.user.js -- but it seems a Proxo filter would be a better solution, if possible.

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?
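A sketch of the kind of mitigation requested in the post above: clamping oversized width/height attributes on IMG tags before the markup reaches the browser. This is an added example, not the pack's Fix Tag Sizes filter or the MaxImageSize.user.js script; the 4096 limit, the function names and the sample markup are assumptions.

```javascript
// Added example: clamp oversized width/height attributes on <img> tags in an
// HTML string before it reaches the browser. MAX_DIMENSION is an assumed limit.
const MAX_DIMENSION = 4096;

// width= or height= with a double-quoted, single-quoted or bare value.
const SIZE_ATTR = /(\s)(width|height)(\s*=\s*)(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))/gi;

function clampValue(raw, max) {
  const value = raw.trim();
  // Percentages are relative to the container, so they are left alone.
  if (/^\d+(\.\d+)?%$/.test(value)) return value;
  const n = Number.parseFloat(value);
  // Non-numeric values are ignored by the browser anyway; pass them through.
  if (!Number.isFinite(n)) return value;
  return n > max ? String(max) : value;
}

function clampImageSizes(html, max = MAX_DIMENSION) {
  let changed = 0;
  // Limitation of a pattern-based rewrite: a ">" inside an attribute value
  // ends the tag match early. Only <img> tags are touched.
  const out = html.replace(/<img\b[^>]*>/gi, (tag) =>
    tag.replace(SIZE_ATTR, (m, sp, name, eq, dq, sq, bare) => {
      const raw = dq ?? sq ?? bare;
      const fixed = clampValue(raw, max);
      if (fixed !== raw.trim()) changed += 1;
      // Keep the original quoting style so surrounding markup stays intact.
      const q = dq !== undefined ? '"' : sq !== undefined ? "'" : "";
      return `${sp}${name}${eq}${q}${fixed}${q}`;
    })
  );
  return { html: out, changed };
}

// Constructed sample input, modelled on the markup quoted in the post.
const sample =
  '<HTML><BODY><IMG SRC="./imagecrash.jpg" width="9999999" height=9999999>' +
  '<img src="ok.png" width="50%" height=\'120\'></BODY></HTML>';

const result = clampImageSizes(sample);
console.log(result.changed, result.html);
```
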
Jun. 03, 2005, 11:35 PM
Post: #274
 
nxIsle, I've modified (Fix Tag Sizes [Kye-U]) so that it matches that! Enjoy

Version 4.34 is Released!

Last Updated: June 3rd, 2005 - 7:23 PM EST

What's New?

Quote:[-Version 4.34-]
-Modified (Fix Tag Sizes [Kye-U])
https://bugzilla.mozilla.org/show_bug.cgi?id=296061

http://prxbx.com/forums/index.ph...topic=131&st=0#

Download here!
Jun. 04, 2005, 07:11 AM
Post: #275
 
Thank you!!!!
I've spent a couple hours trying to come up with something, and gave up after not only freezing my box, but finally getting a bsod!!! I just tested and your filter works beautifully!!!

Thanks, Kye-U; you rock!! (and, not to get personal or anything, [Image: icon12.gif] Cheers)

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?
Jun. 16, 2005, 06:33 AM
Post: #276
 
Quote:Download here! http://prxbx.com/dp/download.php?file=18
I keep getting a "Not Found" error when I try to download the file. I tried both host names as well as the suggested hosts file entry and nothing works.
Jun. 16, 2005, 09:19 AM
Post: #277
 
Hi Siamesecat,
Try it with:

205.209.167.10 www.kye-u.com

in your hosts file or try this link (works for me at the moment):

205.209.167.10/proxo/dp/download.php?file=18

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?
Jun. 17, 2005, 07:38 AM
Post: #278
 
Thanks. The link works.
Jul. 01, 2005, 05:07 PM
Post: #279
 
Siamesecat and others, please check to see if this filter is alright for the following exploit

http://www.kurczaba.com/html/security/0506241_poc2.htm

Code:
[Patterns]
Name = "Mozilla: Blank "Function" DoS Exploit [Kye-U]"
Active = TRUE
URL = "($TYPE(htm)|$TYPE(js))"
Limit = 12
Match = "function\(\)\{\}"
""
"&*$SET(Msg=)($TST(svAlert=1)$SET(Msg=$ALERT(Mozilla: Blank "Function" DoS Exploit Detected on:\n\n\u))|)"
"$SET(\9=This exploit can crash multiple Mozilla products by using a malformed function() tag"
""
"Version(s) Vulnerable: Mozilla 1.7.8"
"     Firefox 1.0.4"
"     Camino 0.8.4"
"http://www.kurczaba.com/html/security/0506241.htm)"
Replace = "Shonenscape"
"$GET(Msg)$SET(Msg=)"
Jul. 01, 2005, 08:48 PM
Post: #280
 
Can't get it here. The address is:
http://www.kye-u.com/proxo/dp/download.php?file=18
I thought that site was gone.
Jul. 01, 2005, 08:53 PM
Post: #281
 
Whoops! Forgot to update that link

Here is the link:

http://prxbx.com/lib/KyeUSecur...ion.mergeme.zip
Jul. 01, 2005, 08:57 PM
Post: #282
 
Guest Wrote: Can't get it here. The address is:
http://www.kye-u.com/proxo/dp/download.php?file=18
I thought that site was gone.
Sorry, I thought I was logged in.
Jul. 02, 2005, 11:37 AM
Post: #283
 
Still crashed my Mozilla 1.7.8 when tested by itself ... "4, 3, 2, 1 ... [wha] "

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?
Jul. 02, 2005, 01:46 PM
Post: #284
 
nxIsle Wrote: Still crashed my Mozilla 1.7.8 when tested by itself ... "4, 3, 2, 1 ... [wha] "
Did an alert box pop up when you visited that link? :o
Jul. 02, 2005, 08:20 PM
Post: #285
 
Nope. No alert. Just the "this will crash your browser in x seconds" countdown, followed by Cry .

I tried it once with just that filter, and once with the new filter added to the latest security pack config. Same results both times. :o

Surfing with Proxo on wine in Debian GNU/Linux ... can ya dig it?