Get a Pentest and security assessment of your IT network.

News

Mozilla Fixes Site Error-Handling Bug

Bugzilla site holds a wild card SSL certificate that also is valid on Mozilla.org. The bug was related to the way that the sites responded to certain requests from client machines when the clients specify an incorrect HTTP host header. Mozilla has fixed the bug by changing the way the servers handle those requests. Attack could have been exploited to execute a man-in-the-middle attack against an unsuspecting user, Mozilla s Michael Coates wrote. In the attack scenario, an attacker could use a dns rebinding style attack to cause this header mismatch on a request for JavaScript made by the primary page.

Source: https://threatpost.com/mozilla-fixes-site-error-handling-bug-112210/74698/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Webroot Impact of Web-borne threats on businesses

News

UK NCSC warns of cyber attacks powered by Russia against the political system