Get a Pentest and security assessment of your IT network.

News

Mozilla Fixes Site Error-Handling Bug

Bugzilla site holds a wild card SSL certificate that also is valid on Mozilla.org. The bug was related to the way that the sites responded to certain requests from client machines when the clients specify an incorrect HTTP host header. Mozilla has fixed the bug by changing the way the servers handle those requests. Attack could have been exploited to execute a man-in-the-middle attack against an unsuspecting user, Mozilla s Michael Coates wrote. In the attack scenario, an attacker could use a dns rebinding style attack to cause this header mismatch on a request for JavaScript made by the primary page.

Source: https://threatpost.com/mozilla-fixes-site-error-handling-bug-112210/74698/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

1 day attack with DDoS booter costs $60 causing $720k in damageSecurity Affairs

News

NSA-linked Cisco exploit poses bigger threat than previously thought