Exploit for hole in Firefox published [update]
Users of Firefox are advised to check whether they have installed the current version 220.127.116.11 , which closes a number of security holes. H.D. Moore, the developer of Metasploit, has published an exploit for one of them. While Moore's demo only launches the Windows calculator in a test conducted by heise Security on a vulnerable Windows PC, now that the exploit is public we can expect soon to see programs that do not limit themselves to such harmless tampering to be circulating and to be installed on web sites. To become infected, all you need to do is visit a prepared web site.
Moore says that the exploit also works under Linux. For example, his demo is able to execute the command touch /tmp/METASPLOIT to create a file. But on Linux, the demo does not work unless a Java plug-in is installed. Mac systems are also vulnerable. In the test, the exploit binds a shell to TCP port 4444. This security hole is the result of a flaw in the allocation of own values to the window.navigator object before the Java environment launches.
The Metasploit developer has recently been a prominent proponent of a full disclosure policy and has announced that the month of July would be the "Month of Browser Bugs" (MoBB). He has documented 29 security holes in browsers this month, most of which were in Internet Explorer.
- MoBB #28: Mozilla Navigator Object , H.D. Moore's security advisory