[36429] in bugtraq
ezmlm warning
daemon@ATHENA.MIT.EDU (bugtraq-help@securityfocus.com)
Fri Sep 10 22:19:47 2004
Date: 10 Sep 2004 20:03:12 -0000
Message-ID: <1094846592.14787.ezmlm-warn@securityfocus.com>
From: bugtraq-help@securityfocus.com
To: bugtraq-redist@mit.edu
Content-type: text/plain; charset=us-ascii
Hi! This is the ezmlm program. I'm managing the
bugtraq@securityfocus.com mailing list.
I'm working for my owner, who can be reached
at bugtraq-owner@securityfocus.com.
Messages to you from the bugtraq mailing list seem to
have been bouncing. I've attached a copy of the first bounce
message I received.
If this message bounces too, I will send you a probe. If the probe bounces,
I will remove your address from the bugtraq mailing list,
without further notice.
I've kept a list of which messages from the bugtraq mailing list have
bounced from your address.
Copies of these messages may be in the archive.
To retrieve a set of messages 123-145 (a maximum of 100 per request),
send an empty message to:
<bugtraq-get.123_145@securityfocus.com>
To receive a subject and author list for the last 100 or so messages,
send an empty message to:
<bugtraq-index@securityfocus.com>
Here are the message numbers:
15764
--- Enclosed is a copy of the bounce message I received.
Return-Path: <>
Received: (qmail 17370 invoked from network); 30 Aug 2004 01:15:24 -0000
Received: from mail2.securityfocus.com (205.206.231.1)
by lists2.securityfocus.com with SMTP; 30 Aug 2004 01:15:24 -0000
Received: (qmail 4568 invoked by alias); 30 Aug 2004 07:19:04 -0000
Received: (qmail 31584 invoked from network); 30 Aug 2004 07:15:26 -0000
Received: from outgoing.securityfocus.com (HELO outgoing3.securityfocus.com) (205.206.231.27)
by mail2.securityfocus.com with SMTP; 30 Aug 2004 07:15:26 -0000
Received: by outgoing3.securityfocus.com (Postfix)
id 9D1002370B9; Mon, 30 Aug 2004 01:14:58 -0600 (MDT)
Date: Mon, 30 Aug 2004 01:14:58 -0600 (MDT)
From: MAILER-DAEMON@securityfocus.com (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: bugtraq-return-15764-bugtraq-redist=mit.edu@securityfocus.com
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="4E2142383CC.1093850006/outgoing3.securityfocus.com"
Message-Id: <20040830071458.9D1002370B9@outgoing3.securityfocus.com>
This is a MIME-encapsulated message.
--4E2142383CC.1093850006/outgoing3.securityfocus.com
Content-Description: Notification
Content-Type: text/plain
This is the Postfix program at host outgoing3.securityfocus.com.
I'm sorry to have to inform you that the message returned
below could not be delivered to one or more destinations.
For further assistance, please send mail to <postmaster>
If you do so, please include this problem report. You can
delete your own text from the message returned below.
The Postfix program
<bugtraq-redist@mit.edu>: Host or domain name not found. Name service error for
name=mit.edu type=MX: Host not found, try again
--4E2142383CC.1093850006/outgoing3.securityfocus.com
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; outgoing3.securityfocus.com
X-Postfix-Queue-ID: 4E2142383CC
X-Postfix-Sender: rfc822; bugtraq-return-15764@securityfocus.com
Arrival-Date: Fri, 27 Aug 2004 09:27:48 -0600 (MDT)
Final-Recipient: rfc822; bugtraq-redist@mit.edu
Action: failed
Status: 4.0.0
Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error
for name=mit.edu type=MX: Host not found, try again
--4E2142383CC.1093850006/outgoing3.securityfocus.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
by outgoing3.securityfocus.com (Postfix) with QMQP
id 4E2142383CC; Fri, 27 Aug 2004 09:27:48 -0600 (MDT)
Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
Precedence: bulk
List-Id: <bugtraq.list-id.securityfocus.com>
List-Post: <mailto:bugtraq@securityfocus.com>
List-Help: <mailto:bugtraq-help@securityfocus.com>
List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
List-Subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com
Received: (qmail 25451 invoked from network); 27 Aug 2004 00:45:48 -0000
Message-ID: <2587094.1093589888401.JavaMail.john.courcoul@mac.com>
Date: Fri, 27 Aug 2004 01:58:08 -0500
From: john.courcoul@mac.com
To: bugtraq@securityfocus.com
Subject: Re: Netscape Navigator 7.2 failure to isolate browser tabs (was Re: Computer Network Defence Vulnerability Alert State)
Cc: Andy Cuff <lists@securitywizardry.com>
in-reply-to: <9375895.1093531877405.JavaMail.john.courcoul@mac.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
references: <9375895.1093531877405.JavaMail.john.courcoul@mac.com>
Might as well try and be useful with this and see what other Mac browsers get bitten by this bug. Do note that all my tests have been done on MacOS X 10.3.5, with the latest Java 1.4.2 Update 1 and Developer packages installed.
Netscape Navigator 7.2 - Vulnerable (subject of the original mail)
Netscape Navigator 7.1 - Vulnerable (buggy here too)
Netscape Navigator 7.0.2 - NOT vulnerable (Amazing ! Ain't we supposed to be improving over time ?)
Mozilla 1.7.2 - Vulnerable (figures; Navigator 7.2 is based on this)
Firefox 0.9.3 - Vulnerable (Mozilla's kid brother, limps from same foot...)
Camino 0.8.1 - NOT vulnerable (some residue might appear on the next tab, but applet is inoperative)
Opera 7.5.4 - NOT vulnerable (does not have tabbed browsing)
iCab 2.9.8 - NOT vulnerable (plus, the page did not load correctly)
OmniWeb 5.0.1 - NOT vulnerable
MSIE 5.2.3 - NOT vulnerable (does not have tabbed browsing)
Interesting, how the bug crept into the Netscape/Mozilla codebase after 7.0.2 and has remained there ever since.
Cheers,
J. Courcoul
On Thursday, August 26, 2004, at 05:32PM, <john.courcoul@mac.com> wrote:
>Didn't think I'd ever get the chance to report some form of vulnerability, but I did. Minor, granted, but a bug nonetheless.
>
>Use the latest browser from Netscape, Gecko/20040804 Netscape/7.2, set up for tabbed browsing, on a MacOS X 10.3.5 platform with all the latest patches. Open Andy Cuff's "radar" page in the first tab: it sets up two scrolling displays (Security News and Vulnerabilities) on the left side of the window and a date ticker in the middle, under "Operational Picture". Open a new tab, which should be completely independent and allow you to browse another site without interference. Not a chance: the scrolling displays and the date ticker promptly highjack the new pane and display their info on it, on top of any page you should happen to load there. And the scrollers are "live" in whatever tab they have highjacked: click on any of the items they are displaying, and the corresponding page gets loaded on the highjacked tab, NOT on the original "radar" tab. Only until you close the "radar" tab do the scrollers and ticker go away in all other tabs.
>
>Works the other way around too: create a bunch of tabs and load all sorts of different sites on them. On the very last tab, open Andy's page. It promptly takes over all tabs and splashes the scrollers and ticker all over the place.
>
>In this case, just a nuisance, but might conceivably be misused. Since this information is placed on top of the highjacked tabs, and will cause a new page to load on that tab, a carefully crafted scroller or ticker could misdirect a user trying to do banking on a tab to be redirected to a hostile server elsewhere (i.e., carefully place the scroller on top of the "submit" button, tell the user that the operation failed and get them to retype their private info.)
>
>Could this be classified as "phishing" ?
>
>J. Courcoul
>
>Andy Cuff wrote:
>
>>Hi All,
>>As a great believer in being able to track emerging vulnerabilities with
>>minimal effort, I have created another "Alert State" image.
>>http://securitywizardry.com/radar.htm However, I have tried to make it a
>>lot more granular dividing the image up into OS and Applications and
>>reducing the alert states to just 3. At present I'm tracking the
>>vulnerabilities myself, though I'm hoping some kind hearted vulnerability
>>alert service such as one of these http://securitywizardry.com/alert.htm
>>will offer to notify me when significant vulnerabilities occur that may
>>warrant a change in an enterprises CND posture. I hope you find it of use,
>>enjoy!
>>
>>Advice, criticism, bitchin' etc welcomed as always
>>
>>-andy cuff
>>Talisker's Computer Security Portal
>>Computer Network Defence Ltd
>>http://www.securitywizardry.com
>>
>
>
>______________________________________________________________________
>This email has been scanned by the MessageLabs Email Security System.
>For more information please visit http://www.messagelabs.com/email
>______________________________________________________________________
>
>
--4E2142383CC.1093850006/outgoing3.securityfocus.com--
