DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 30th January 2010
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default Firefox-based attack wreaks havoc on IRC users

From http://www.theregister.co.uk/2010/01...otocol_attack/

Quote:
World's first inter-protocol exploit, but not the last

Underscoring a little-known web vulnerability, hackers are exploiting a weakness in the Mozilla Firefox browser to wreak havoc on Freenode and other networks that cater to users of internet relay chat.

Using a piece of javascript embedded into a web link, the hackers force users of the open-source browser to join IRC networks and flood channels with diatribes that include the same internet address. As IRC users with Firefox follow the link, their browsers are also forced to spam the channels, giving the attack a viral quality that has has caused major disruptions for almost a month.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 31st January 2010
TerryP's Avatar
TerryP TerryP is offline
Arp Constable
 
Join Date: May 2008
Location: USofA
Posts: 1,547
Default

Hmm, so that's where all this craziness on freenode has been coming from lately. I don't approve of the use, but do admit it is an interesting technique.
__________________
My Journal

Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''.
Reply With Quote
Reply

Tags
exploit, freenode, irc

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
FreeBSD New Frenzy Live CD based on FreeBSD 8.0 J65nko News 3 11th January 2010 06:15 PM
A name for an embedded FreeBSD-based OS nimnod Off-Topic 15 16th March 2009 03:06 PM
FOSS web-based accounting? DraconianTimes Off-Topic 0 16th November 2008 02:20 PM
supress UDP ddos attack chris FreeBSD Security 4 9th July 2008 02:46 PM
Upgrading firefox to firefox 3 -keeping plugins+bookmarks kasse FreeBSD Ports and Packages 11 5th July 2008 01:34 PM


All times are GMT. The time now is 02:24 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick