From owner-freebsd-security@FreeBSD.ORG Mon May 9 00:38:46 2005
Message-ID: <245f0df105050817385e256c16@mail.gmail.com>
Date: Mon, 9 May 2005 10:38:46 +1000
From: "Drew B. [Security Expertise/Freelance Security research]."
To: freebsd-security@freebsd.org
Subject: RE: Mozilla cross patforming code

Please be aware of 2 exploits currently running wild, one of which is cross platform and verified as running on BSD, here is a 1.0.2 crossplatforming code PoC I found in a search -> http://www.milw0rm.com/id.php?id=943

There is 'newer' code and PoC of this (k-otik.com, other publics), however it is not mentioned as it is not 100% verified as cross platforming yet. I recommend people keep speedy with browser updating, Mozilla is not as solid as it once was. I hope this can help anyone out there, it was brought to my attention by a colleague who was plagued with this all week last week.

Regards,
-- 
------------------------------------------
Drew B.
/* Security researcher/expert,threat-focus,Freelance */
------------------------------------------