2006.11.24 Daily Security Reading

Posted by Rodney.Campbell at November 24th, 2006

FireFox Password Manager Flaw w/ POC

The flaw derives from Firefox’s willingness to supply the username and password stored on one page on a domain to another page on a domain. For example, username/password input tags on a Myspace user’s site will be unhelpfully propagated with the visitor’s Myspace.com credentials. Because the username/password fields need not be visible on the page, your password can be stolen in an almost completely transparent fashion.

IP Telephones

Remotely activate the ‘hands free’ function on an IP telephone (using software) to allow listening in to room conversations.

Share and Enjoy:
  • Digg
  • Netscape
  • Technorati
  • del.icio.us
  • StumbleUpon
  • Reddit
  • Slashdot
  • BlinkList
  • Fark
  • NewsVine
  • Furl
  • Spurl
  • Facebook
  • Google
  • LinkedIn

Posted in Security  |  0 comments  |  Tags: , ,

Commentary

Leave a response »

Leave a comment, a trackback from your own site or subscribe to an RSS feed for this entry. Trackback URL for this entry Comments feed for this entry

Leave a response

Leave a URL

Preview