[gentoo-announce] [ GLSA 200408-05 ] Opera: Multiple new vulnerabilities - gentoo-announce

From:	Thierry Carrez <koon@g.o>
To:	gentoo-announce@l.g.o
Cc:	bugtraq@×××××××××××××.com, full-disclosure@××××××××××××.com, security-alerts@×××××××××××××.com
Subject:	[gentoo-announce] [ GLSA 200408-05 ] Opera: Multiple new vulnerabilities
Date:	Thu, 05 Aug 2004 20:43:54
Message-Id:	`41129BC0.50709@gentoo.org`

1

-----BEGIN PGP SIGNED MESSAGE-----

2

Hash: SHA1

3

4

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

5

Gentoo Linux Security Advisory                           GLSA 200408-05

6

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

7

                                            http://security.gentoo.org/

8

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

9

10

  Severity: Normal

11

     Title: Opera: Multiple new vulnerabilities

12

      Date: August 05, 2004

13

      Bugs: #59503

14

        ID: 200408-05

15

16

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

17

18

Synopsis

19

========

20

21

Several new vulnerabilities were found and fixed in Opera, including

22

one allowing an attacker to read the local filesystem remotely.

23

24

Background

25

==========

26

27

Opera is a multi-platform web browser.

28

29

Affected packages

30

=================

31

32

    -------------------------------------------------------------------

33

     Package        /   Vulnerable   /                      Unaffected

34

    -------------------------------------------------------------------

35

  1  net-www/opera        <= 7.53                              >= 7.54

36

37

Description

38

===========

39

40

Multiple vulnerabilities have been found in the Opera web browser.

41

Opera fails to deny write access to the "location" browser object. An

42

attacker can overwrite methods in this object and gain script access to

43

any page that uses one of these methods. Furthermore, access to file://

44

URLs is possible even from pages loaded using other protocols. Finally,

45

spoofing a legitimate web page is still possible, despite the fixes

46

announced in GLSA 200407-15.

47

48

Impact

49

======

50

51

By enticing an user to visit specially crafted web pages, an attacker

52

can read files located on the victim's file system, read emails written

53

or received by M2, Opera's mail program, steal cookies, spoof URLs,

54

track user browsing history, etc.

55

56

Workaround

57

==========

58

59

There is no known workaround at this time. All users are encouraged to

60

upgrade to the latest available version.

61

62

Resolution

63

==========

64

65

All Opera users should upgrade to the latest stable version:

66

67

    # emerge sync

68

69

    # emerge -pv ">=net-www/opera-7.54"

70

    # emerge ">=net-www/opera-7.54"

71

72

References

73

==========

74

75

  [ 1 ] Opera Changelog

76

        http://www.opera.com/linux/changelogs/754/

77

  [ 2 ] Address bar spoofing issue disclosure

78

79

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html

80

  [ 3 ] GreyMagic Security Advisory GM#008-OP

81

        http://www.greymagic.com/security/advisories/gm008-op/

82

83

Availability

84

============

85

86

This GLSA and any updates to it are available for viewing at

87

the Gentoo Security Website:

88

89

    http://security.gentoo.org/glsa/glsa-200408-05.xml

90

91

Concerns?

92

=========

93

94

Security is a primary focus of Gentoo Linux and ensuring the

95

confidentiality and security of our users machines is of utmost

96

importance to us. Any security concerns should be addressed to

97

security@g.o or alternatively, you may file a bug at

98

http://bugs.gentoo.org.

99

100

License

101

=======

102

103

Copyright 2004 Gentoo Foundation, Inc; referenced text

104

belongs to its owner(s).

105

106

The contents of this document are licensed under the

107

Creative Commons - Attribution / Share Alike license.

108

109

http://creativecommons.org/licenses/by-sa/1.0

110

111

-----BEGIN PGP SIGNATURE-----

112

Version: GnuPG v1.2.4 (GNU/Linux)

113

Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

114

115

iD8DBQFBEpvAvcL1obalX08RAjY4AJ9Qfm/3iDPqPwSc5Kxq8FGGPUS19wCfSACv

116

yHjb6mdQNxs7fdnRP5LZyV8=

117

=ICRn

118

-----END PGP SIGNATURE-----

1	-----BEGIN PGP SIGNED MESSAGE-----
2	Hash: SHA1
3
4	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
5	Gentoo Linux Security Advisory GLSA 200408-05
6	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
7	http://security.gentoo.org/
8	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
9
10	Severity: Normal
11	Title: Opera: Multiple new vulnerabilities
12	Date: August 05, 2004
13	Bugs: #59503
14	ID: 200408-05
15
16	- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
17
18	Synopsis
19	========
20
21	Several new vulnerabilities were found and fixed in Opera, including
22	one allowing an attacker to read the local filesystem remotely.
23
24	Background
25	==========
26
27	Opera is a multi-platform web browser.
28
29	Affected packages
30	=================
31
32	-------------------------------------------------------------------
33	Package / Vulnerable / Unaffected
34	-------------------------------------------------------------------
35	1 net-www/opera <= 7.53 >= 7.54
36
37	Description
38	===========
39
40	Multiple vulnerabilities have been found in the Opera web browser.
41	Opera fails to deny write access to the "location" browser object. An
42	attacker can overwrite methods in this object and gain script access to
43	any page that uses one of these methods. Furthermore, access to file://
44	URLs is possible even from pages loaded using other protocols. Finally,
45	spoofing a legitimate web page is still possible, despite the fixes
46	announced in GLSA 200407-15.
47
48	Impact
49	======
50
51	By enticing an user to visit specially crafted web pages, an attacker
52	can read files located on the victim's file system, read emails written
53	or received by M2, Opera's mail program, steal cookies, spoof URLs,
54	track user browsing history, etc.
55
56	Workaround
57	==========
58
59	There is no known workaround at this time. All users are encouraged to
60	upgrade to the latest available version.
61
62	Resolution
63	==========
64
65	All Opera users should upgrade to the latest stable version:
66
67	# emerge sync
68
69	# emerge -pv ">=net-www/opera-7.54"
70	# emerge ">=net-www/opera-7.54"
71
72	References
73	==========
74
75	[ 1 ] Opera Changelog
76	http://www.opera.com/linux/changelogs/754/
77	[ 2 ] Address bar spoofing issue disclosure
78
79	http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html
80	[ 3 ] GreyMagic Security Advisory GM#008-OP
81	http://www.greymagic.com/security/advisories/gm008-op/
82
83	Availability
84	============
85
86	This GLSA and any updates to it are available for viewing at
87	the Gentoo Security Website:
88
89	http://security.gentoo.org/glsa/glsa-200408-05.xml
90
91	Concerns?
92	=========
93
94	Security is a primary focus of Gentoo Linux and ensuring the
95	confidentiality and security of our users machines is of utmost
96	importance to us. Any security concerns should be addressed to
97	security@g.o or alternatively, you may file a bug at
98	http://bugs.gentoo.org.
99
100	License
101	=======
102
103	Copyright 2004 Gentoo Foundation, Inc; referenced text
104	belongs to its owner(s).
105
106	The contents of this document are licensed under the
107	Creative Commons - Attribution / Share Alike license.
108
109	http://creativecommons.org/licenses/by-sa/1.0
110
111	-----BEGIN PGP SIGNATURE-----
112	Version: GnuPG v1.2.4 (GNU/Linux)
113	Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
114
115	iD8DBQFBEpvAvcL1obalX08RAjY4AJ9Qfm/3iDPqPwSc5Kxq8FGGPUS19wCfSACv
116	yHjb6mdQNxs7fdnRP5LZyV8=
117	=ICRn
118	-----END PGP SIGNATURE-----

Gentoo Archives: gentoo-announce