DaemonForums  

#1
18th October 2011
J65nko
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default Critical security hole in current version of Opera

From http://h-online.com/-1362504

Quote:
Security expert José A. Vázquez has released details of a critical security hole in the Opera browser that can be exploited to inject malicious code. Vázquez says that he found the hole and notified the developers with a proof of concept a year ago. However, the expert said that Opera decided not to close the hole.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
#2
18th October 2011
graudeejs
Real Name: Aldis Berjoza
ISO Quartermaster
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 589
Default

great, just great
#3
18th October 2011
Carpetsmoker
Real Name: Martin
Tcpdump Spy
 
Join Date: Apr 2008
Location: Netherlands
Posts: 2,243
Default

As far as I can figure out from the Metasploit module, this only works if DEP is disabled.

http://dev.metasploit.com/redmine/pr...r/opera_svg.rb

Quote:
NOTE: This module is incomplete because Opera by default supports DEP (since version 9), but this exploit only works with /noexecute=AlwaysOff. The following explains the challenge we need to overcome in order to support DEP-bypass:
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
#4
19th October 2011
Beastie
Daemonology student
 
Join Date: Jan 2009
Location: /dev/earth0
Posts: 335
Default Ha!

"Manipulating fonts in SVG can allow execution of arbitrary code" advisory
Opera 11.52 changelog (UNIX)
__________________
May the source be with you!
#5
20th October 2011
drhowarddrfine
VPN Cryptographer
 
Join Date: May 2008
Posts: 377
Default

Yeah. This isn't Internet Explorer where it takes months and years to fix exploits.
#6
20th October 2011
Beastie
Daemonology student
 
Join Date: Jan 2009
Location: /dev/earth0
Posts: 335
Default

Quote:
Originally Posted by drhowarddrfine
Yeah. This isn't Internet Explorer where it takes months and years to fix exploits.

Yes, the release of the exploit probably forced their hand - as was hinted at in the Beta testing forum - and they reacted quickly. Their development is light years beyond Microsoft's.
__________________
May the source be with you!