In association with heise online

21 March 2007, 10:26

Minor updates for Firefox

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Mozilla Foundation has made versions and of their stand-alone Web browser Firefox for Linux, Mac OS X and Windows available for download. These remove security holes that had enabled attackers to carry out port scans on LANs with the help of a modified FTP server. These scans could have been used to determine networked topology or search for vulnerabilities. They were possible on account of the PASV command, which is used by Firefox to request an alternate data port. The specification of the FTP protocol allowed the server response to include an alternate server address. The new version now simply ignores the alternate server address. In addition, Firefox is said to be compatible with more websites than its predecessor.

The 1.5.0.x branch of Firefox will no longer be supplied with updates after April 24, Mozilla declared. Users have been advised to switch to; not least because the more up-to-date branch was more suitable for Windows Vista, the company stated.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit