---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation compensation package. http://secunia.com/hardcore_disassembler_and_reverse_engineer/ ---------------------------------------------------------------------- TITLE: Debian update for mozilla-firefox SECUNIA ADVISORY ID: SA21176 VERIFY ADVISORY: http://secunia.com/advisories/21176/ CRITICAL: Highly critical IMPACT: Security Bypass, Cross Site Scripting, System access WHERE: >From remote OPERATING SYSTEM: Debian GNU/Linux 3.1 http://secunia.com/product/5307/ Debian GNU/Linux unstable alias sid http://secunia.com/product/530/ DESCRIPTION: Debian has issued an update for mozilla-firefox. This fixes some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting and HTTP response smuggling attacks, and potentially compromise a user's system. For more information: SA19698 SA20376 SOLUTION: Apply updated packages. -- Debian GNU/Linux 3.1 alias sarge -- Source archives: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.dsc Size/MD5 checksum: 1001 21424c5ba440f16f6abea37711d66aa9 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9.diff.gz Size/MD5 checksum: 398646 2eff76a21650ad05f52b5fdf73bd3f7e http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4.orig.tar.gz Size/MD5 checksum: 40212297 8e4ba81ad02c7986446d4e54e978409d Alpha architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_alpha.deb Size/MD5 checksum: 11173304 3a940907dc9761c8f509bb4c985db436 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_alpha.deb Size/MD5 checksum: 169032 05d7a00140abdf880b41c4fa28114068 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_alpha.deb Size/MD5 checksum: 60866 de85fa33566f2fbfcc86501ee62b2a1b AMD64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_amd64.deb Size/MD5 checksum: 9401816 963bc07e9bad81b56674d2e87fcc2074 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_amd64.deb Size/MD5 checksum: 163774 782e55322d790e206be62b7c973cf4ee http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_amd64.deb Size/MD5 checksum: 59390 62063c4dc7dfb9dd977b2a019bd37946 ARM architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_arm.deb Size/MD5 checksum: 8223298 0a3854d01bb66b8251a6fd0f6f6acf1d http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_arm.deb Size/MD5 checksum: 155248 04b4755e60835717a7b5ed0025f00f0c http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_arm.deb Size/MD5 checksum: 54702 93f66e628ad9327de4ed14acdfec4395 Intel IA-32 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_i386.deb Size/MD5 checksum: 8899786 395567e782da4a1d6e0ef10367ba57cc http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_i386.deb Size/MD5 checksum: 159032 5225bca73b84ed3e8a1c4e06bdd6cd69 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_i386.deb Size/MD5 checksum: 56250 f8baa460416bd34c28e347b371c2ac72 Intel IA-64 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_ia64.deb Size/MD5 checksum: 11632562 3fc46e9c4a4575594c610c7ff85146ce http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_ia64.deb Size/MD5 checksum: 169362 aad3f6f89760080eca86f9988c690532 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_ia64.deb Size/MD5 checksum: 64062 0973673b6e56cc6d26db14a0170c4a1a HP Precision architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_hppa.deb Size/MD5 checksum: 10275134 dbdcf7d07ead3c046ec5a604922bd853 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_hppa.deb Size/MD5 checksum: 166732 ff51c0f78f3bb6ee011c85e850e67230 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_hppa.deb Size/MD5 checksum: 59840 856193bc316aecbcce4f88aae4404240 Motorola 680x0 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_m68k.deb Size/MD5 checksum: 8175302 d60841a0292077f4635ca9b68c45cd8a http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_m68k.deb Size/MD5 checksum: 157932 5559512572a0493c336f46e67dc6163d http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_m68k.deb Size/MD5 checksum: 55524 f04387c9e24e76965342227983327a03 Big endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mips.deb Size/MD5 checksum: 9932150 56eefc3ec8a8832645ec1316929f4411 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mips.deb Size/MD5 checksum: 156774 696dca1ed57d6c13fd80bcd6fc4364cd http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mips.deb Size/MD5 checksum: 56506 af7303ff23599cf25224df22f5b92e05 Little endian MIPS architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_mipsel.deb Size/MD5 checksum: 9810314 3673c61e049c42c7ea21ed58e06b2acc http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_mipsel.deb Size/MD5 checksum: 156350 9d3f411c8372b54775ab5ba90c10d0da http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_mipsel.deb Size/MD5 checksum: 56336 ccc11bdf50a4b0809fe7ed2dbdf44006 PowerPC architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_powerpc.deb Size/MD5 checksum: 8571660 cf198d98db5695e5c423c567ebfdba38 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_powerpc.deb Size/MD5 checksum: 157448 d96866bfc3e74f73d6cf4a3f71aa50cb http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_powerpc.deb Size/MD5 checksum: 58628 e3a6722463006bb379c9548318784af8 IBM S/390 architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_s390.deb Size/MD5 checksum: 9641400 c935ca331cf22eab9f311fc65c69e227 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_s390.deb Size/MD5 checksum: 164392 342aeb1f6362565bac9cd8f9a34e6711 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_s390.deb Size/MD5 checksum: 58816 3199d08b5c64c05d4c9f3600fd1a9927 Sun Sparc architecture: http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox_1.0.4-2sarge9_sparc.deb Size/MD5 checksum: 8662210 a25db0f4ce57b47898d633b2512cd0b4 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-dom-inspector_1.0.4-2sarge9_sparc.deb Size/MD5 checksum: 157632 5d0f66746bcbb48269e1e4e0efa71067 http://security.debian.org/pool/updates/main/m/mozilla-firefox/mozilla-firefox-gnome-support_1.0.4-2sarge9_sparc.deb Size/MD5 checksum: 55062 99d09b78f6efa23c02d1e9076185f105 -- Debian GNU/Linux unstable alies sid -- Fixed in version 1.5.dfsg+1.5.0.4-1. ORIGINAL ADVISORY: http://www.us.debian.org/security/2006/dsa-1120 OTHER REFERENCES: SA19698: http://secunia.com/advisories/19698/ SA20376: http://secunia.com/advisories/20376/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------