[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Remote Vulnerability in Firefox Extensions



On 6/21/07, scar <scar@xxxxxxxxxx> wrote:
...
it seems to me that many addons which are downloaded
from https://addons.mozilla.org/ use different, non-https,
addresses to check for and download updates.

the problem exists when non https is used for updates. any plugins
getting updates via http port 80 would be vulnerable.


would this vulnerability exist with all of those addons as
well?  how to find out what address each addon uses to
download updates?

i haven't tested the various plugins myself.  a sniffer should tell
you quickly if updates are performed insecurely, though you may need
trial and error to determine which one is making the requests if it
isn't obvious in the data.

this would be a good subject to document on the wiki if you pursue it :)

best regards,