Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

  1. Home
  2. Careers-and-certifications
  3. Mozilla Releases Firefox Update To Patch Port-Scanning Flaw
Careers and Certifications

Mozilla Releases Firefox Update To Patch Port-Scanning Flaw

The vulnerability, rated a low risk, could let a hacker take a look around inside a user's computer.
March 21, 2007

Mozilla released an update to its Firefox browser late on Tuesday to patch a port-scanning vulnerability.

The FTP PASV port-scanning flaw, which is rated a low risk, could enable a hacker to take a look around inside a victim's machine. An advisory on the Mozilla site warns that a malicious Web page hosted on a specially-coded FTP server could use the scanning feature to perform a rudimentary port-scan of machines inside a user's firewall.

"By itself, this causes no harm, but information about an internal network may be useful to an attacker should there be other vulnerabilities present on the network," Mozilla stated in the advisory.

The update -- Firefox 2.0.0.3 -- also deals with several Web compatibility regressions introduced with Firefox 2.0.0.2. An update to address the same regressions for the Firefox 1.5 Branch, Firefox 1.5.0.11, also has been released.

Mozilla pushed out a beta release of Firefox 2.0.0.3 between last Friday and Saturday. Mozilla is beginning to treat its security and stability updates like it does its major version releases, issuing beta releases to its tester community.

Tags:

News
Careers and Certifications