Mozilla Firefox PKCS11 Module Installation Code Execution

2009-09-24T00:00:00
ID SAINT:76E6E570DAC99D2C71631967F7749C73
Type saint
Reporter SAINT Corporation
Modified 2009-09-24T00:00:00

Description

Added: 09/24/2009
CVE: CVE-2009-3076
BID: 36343
OSVDB: 57977

Background

Mozilla is a suite of Internet client products available for multiple platforms.

Problem

The warning dialog displayed when adding or removing security modules via pkcs11.addmodule or pkcs11.deletemodule can be customized by an attacker to trick a user into installing a malicious PKCS11 module leading to command execution.

Resolution

Upgrade to Mozilla Firefox 3.0.14 or higher.

References

<http://www.mozilla.org/security/announce/2009/mfsa2009-48.html>

Limitations

Exploit works on Mozilla Firefox 3.0.10 and requires a user to load the exploit page in Mozilla Firefox and click the Okay button when a window pops up asking whether to install the module.

In order for this exploit to succeed, first download the exploit.dll file from the exploit server and place it on the specified SMB share, which must be accessible by the target.

In order for this exploit to succeed, Microsoft Visual C++ 2008 SP1 Redistributable Package must be installed on the target.

Platforms

Windows