===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2007.0362
                  [RedHat] Critical: firefox security update
                                31 May 2007

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              firefox
Publisher:            Red Hat
Operating System:     Red Hat Enterprise Linux 5
                      Red Hat Enterprise Linux 4
Impact:               Execute Arbitrary Code/Commands
                      Access Privileged Data
                      Cross-site Scripting
                      Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2007-2871 CVE-2007-2870 CVE-2007-2869
                      CVE-2007-2868 CVE-2007-2867 CVE-2007-1562
                      CVE-2007-1362
Ref:                  AL-2007.0070

Original Bulletin:
  https://rhn.redhat.com/errata/RHSA-2007-0400.html

--------------------------BEGIN INCLUDED TEXT--------------------

---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Critical: firefox security update
Advisory ID:       RHSA-2007:0400-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0400.html
Issue date:        2007-05-30
Updated on:        2007-05-30
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-1362 CVE-2007-1562 CVE-2007-2867 CVE-2007-2868
                   CVE-2007-2869 CVE-2007-2870 CVE-2007-2871
---------------------------------------------------------------------

1. Summary:

Updated firefox packages that fix several security bugs are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

Mozilla Firefox is an open source Web browser.

Several flaws were found in the way Firefox processed certain malformed
JavaScript code. A web page containing malicious JavaScript code could
cause Firefox to crash or potentially execute arbitrary code as the user
running Firefox. (CVE-2007-2867, CVE-2007-2868)

A flaw was found in the way Firefox handled certain FTP PASV commands. A
malicious FTP server could use this flaw to perform a rudimentary
port-scan of machines behind a user's firewall. (CVE-2007-1562)

Several denial of service flaws were found in the way Firefox handled
certain form and cookie data. A malicious web site that is able to set
arbitrary form and cookie data could prevent Firefox from functioning
properly. (CVE-2007-1362, CVE-2007-2869)

A flaw was found in the way Firefox handled the addEventListener
JavaScript method. A malicious web site could use this method to access
or modify sensitive data from another web site. (CVE-2007-2870)

A flaw was found in the way Firefox displayed certain web content. A
malicious web page could generate content that would overlay user
interface elements such as the hostname and security indicators, tricking
users into thinking they are visiting a different site. (CVE-2007-2871)

Users of Firefox are advised to upgrade to these erratum packages, which
contain Firefox version 1.5.0.12 that corrects these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the
Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

241670 - CVE-2007-1362 Multiple Firefox flaws (CVE-2007-1562, CVE-2007-2867,
CVE-2007-2868, CVE-2007-2869, CVE-2007-2870, CVE-2007-2871)

6. RPMs required:
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1362
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1562
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2868
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2869
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2870
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2871
http://www.redhat.com/security/updates/classification/#critical

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no
control over its content.
The decision to follow or act on information or advice contained in this
security bulletin is the responsibility of each user or organisation, and
should be considered in accordance with your organisation's site policies
and procedures. AusCERT takes no responsibility for consequences which may
arise from following or acting on information or advice contained in this
security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at a
later date, it is recommended that the bulletin is retrieved directly from
the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:
http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked
in any way, we encourage you to let us know by completing the secure
National IT Incident Reporting Form at:
http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST). On call after hours for member
                emergencies only.
===========================================================================
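The advisory's Solution section says to apply the erratum packages via Red Hat Network; the following is an added check, not part of the AusCERT bulletin or of Red Hat's tooling, that takes `rpm -q firefox` output from a fleet and reports which hosts are still below the erratum builds listed in section 6 (firefox-1.5.0.12-0.1.el4 and firefox-1.5.0.12-1.el5). It re-implements rpm's label comparison so that, unlike a plain string compare, 1.5.0.9 is treated as older than 1.5.0.12. It assumes epoch 0 on both sides, and the sample `rpm -q` output is constructed.

```python
"""Check whether installed Firefox builds are at or past the RHSA-2007:0400
erratum builds. Added example, not part of the advisory: it re-implements
rpm's label comparison (rpmvercmp) so the check runs anywhere on the output
of `rpm -q firefox`, without the rpm Python bindings."""
import re

# Erratum builds from the advisory's "RPMs required" section, keyed by RHEL line.
# Epoch is assumed to be 0 on both sides (an assumption; true for these packages).
FIXED_BUILDS = {"el4": ("1.5.0.12", "0.1.el4"), "el5": ("1.5.0.12", "1.el5")}

# rpmvercmp compares runs of digits and runs of letters; separators are ignored.
# (The ~ and ^ markers of later rpm releases are not handled here.)
_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")

def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release labels the way rpm does: -1, 0 or 1."""
    if a == b:
        return 0
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x.isdigit() != y.isdigit():  # a numeric segment beats an alphabetic one
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = x.lstrip("0"), y.lstrip("0")  # leading zeros carry no weight
            if len(x) != len(y):  # more digits means a larger number
                return 1 if len(x) > len(y) else -1
        if x != y:  # same type and length: plain string order decides
            return 1 if x > y else -1
    # All shared segments tie: the label with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def evr_cmp(a: tuple, b: tuple) -> int:
    """Compare (version, release) pairs; the release only matters on a version tie."""
    return rpmvercmp(a[0], b[0]) or rpmvercmp(a[1], b[1])

def is_patched(nvr: str) -> bool:
    """True when an installed firefox NVR is at or past the erratum build for its line."""
    name, version, release = nvr.rsplit("-", 2)
    line = re.search(r"\.(el[45])(?:[._]|$)", release)
    if name != "firefox" or line is None:
        raise ValueError(f"not a RHEL 4/5 firefox package: {nvr}")
    return evr_cmp((version, release), FIXED_BUILDS[line.group(1)]) >= 0

def assess(rpm_q_output: str) -> dict:
    """Map each NVR from collected `rpm -q firefox` output to patched (True) or not."""
    return {nvr: is_patched(nvr) for nvr in rpm_q_output.split()}

# Constructed sample of `rpm -q firefox` output gathered from four hosts.
SAMPLE_RPM_Q = "firefox-1.5.0.9-10.el4 firefox-1.5.0.12-0.1.el4\nfirefox-1.5.0.9-10.el5 firefox-1.5.0.12-3.el5"

if __name__ == "__main__":
    for nvr, ok in assess(SAMPLE_RPM_Q).items():
        print(f"{nvr:28} {'patched' if ok else 'VULNERABLE'}")
```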