Ubuntu

FireFOX has holes like Sweess cheese

Bug #114060 reported by cut288
254
Affects Status Importance Assigned to Milestone
Ubuntu
Invalid
Undecided
Unassigned

Bug Description

FireFox -bin bug report , widly explored port 80. and 443 .by hackers and overs.
Your FireFox has holes like Sweess cheese.
I would say , there's a lot activities. Thank you.

Revision history for this message
cut288 (r-kurowski5) wrote : bag report detales

  12/05/07 Wieliczka

P O L A N D

<email address hidden>

Launching Pad “Ubuntu” bag report.

Dear Sir

I did officially reported on Launching Pad a FireFox bag concerning
vulnerability and

exploration of port 80 and 443 by hackers and US Army. FireStarter
listed not only servers for web page but also strange diggers trough
firefox-bin . One time someone changed Trash bin colour for navy blue .
Of course the next day reinstalled OS. That sounds fanny but it
wasn't .

sincerely yours

Richard

Revision history for this message
Martin Pitt (pitti) wrote :

We ship the current upstream versions of Firefox in all supported releases, thus Ubuntu does not have any publicly known vulnerabilities which are fixed upstream already.

If you discovered a new vulnerability, please give us some details or pointers about it. Thank you!

Revision history for this message
cut288 (r-kurowski5) wrote : Re: [Bug 114060] Re: FireFOX has holes like Sweess cheese

Dnia 14-05-2007, pon o godzinie 09:35 +0000, Martin Pitt napisał(a):
> We ship the current upstream versions of Firefox in all supported
> releases, thus Ubuntu does not have any publicly known vulnerabilities
> which are fixed upstream already.
>
> If you discovered a new vulnerability, please give us some details or
> pointers about it. Thank you!
>
> ** Visibility changed to: Public
>
> ** Changed in: Ubuntu
> Status: Unconfirmed => Rejected
> 12/05/07 Wieliczka

P O L A N D

<email address hidden>

Launchpad “Ubuntu” bag report.

Dear Sir

I did officially reported on Launchpad a Fire Fox bag concerning
vulnerability and

exploration of port 80 and 443 by hackers and US Army. Fire Starter
listed not only servers for web page but also strange diggers trough
fire fox-bin . One time someone changed Trash bin colour for navy blue .
Of course the next day reinstalled OS. That sounds fanny but it
wasn't .

sincerely yours

Richard

p.s.

13/05/07

Let me tell you that ,it was so upset when I discovered someone dug up
in my system .It was only yesterday I found it too my amazement US Army
Fort Huachuca 55.6.24.127 was listed by net tool.

Fire Starter listed it among web active connections addresses as a
direction , it used port 80. To add a few I was connected to www.msn.com
MSNBC. when that occur .

sincerely yours

Richard

Revision history for this message
cut288 (r-kurowski5) wrote :
Download full text (41.4 KiB)

Dnia 14-05-2007, pon o godzinie 09:35 +0000, Martin Pitt napisał(a):
> We ship the current upstream versions of Firefox in all supported
> releases, thus Ubuntu does not have any publicly known vulnerabilities
> which are fixed upstream already.
>
> If you discovered a new vulnerability, please give us some details or
> pointers about it. Thank you!
>
> ** Visibility changed to: Public
>
> ** Changed in: Ubuntu
> Status: Unconfirmed => Rejected
> There's something else ,I reminded they managed to crush my system shortly after discovery , it was sudden crash. I have some firestarter records to show you activities some days before.

Wieliczka 14/05/07

Time:Apr 28 09:54:15 Direction: Unknown In:eth0 Out: Port:53100 Source:193.238.42.232 Destination:87.207.99.25 Length:42 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:19 Direction: Unknown In:eth0 Out: Port:25592 Source:60.2.115.251 Destination:87.207.99.25 Length:90 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:20 Direction: Unknown In:eth0 Out: Port:25592 Source:220.165.128.8 Destination:87.207.99.25 Length:90 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:24 Direction: Unknown In:eth0 Out: Port:25592 Source:122.167.10.42 Destination:87.207.99.25 Length:90 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:25 Direction: Unknown In:eth0 Out: Port:25592 Source:80.43.52.91 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:28 Direction: Unknown In:eth0 Out: Port:25592 Source:219.73.28.1 Destination:87.207.99.25 Length:90 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:28 Direction: Unknown In:eth0 Out: Port:25592 Source:80.43.52.91 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:29 Direction: Unknown In:eth0 Out: Port:25592 Source:122.8.0.146 Destination:87.207.99.25 Length:90 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:33 Direction: Unknown In:eth0 Out: Port:30508 Source:193.238.42.232 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:34 Direction: Unknown In:eth0 Out: Port:25592 Source:89.187.228.9 Destination:87.207.99.25 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:34 Direction: Unknown In:eth0 Out: Port:25592 Source:80.43.52.91 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:36 Direction: Unknown In:eth0 Out: Port:30508 Source:193.238.42.232 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:37 Direction: Unknown In:eth0 Out: Port:25592 Source:89.187.228.9 Destination:87.207.99.25 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:43 Direction: Unknown In:eth0 Out: Port:25592 Source:81.153.185.130 Destination:87.207.99.25 Length:48 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr 28 09:54:43 Direction: Unknown In:eth0 Out: Port:25592 Source:81.153.185.130 Destination:87.207.99.25 Length:42 TOS:0x00 Protocol:UDP Service:Unknown
Time:Apr 28 09:54:43 Direction: Unknown In:eth0 Out: Port:25592 Source:89.187.228.9 Destination:87.207.99.25 Length:64 TOS:0x00 Protocol:TCP Service:Unknown
Time:Apr ...

Revision history for this message
cut288 (r-kurowski5) wrote :
Download full text (4.9 KiB)

Dnia 14-05-2007, pon o godzinie 09:35 +0000, Martin Pitt napisał(a):
> We ship the current upstream versions of Firefox in all supported
> releases, thus Ubuntu does not have any publicly known vulnerabilities
> which are fixed upstream already.
>
> If you discovered a new vulnerability, please give us some details or
> pointers about it. Thank you!
>
> ** Visibility changed to: Public
>
> ** Changed in: Ubuntu
> Status: Unconfirmed => Rejected
   Wieliczka 15 may 2007
There is something else I'd like to show a mail exchange with IANA.
============================================================================
<email address hidden> l04/07/07

Dear Sire

Once upon a time I reported abuse to IANA ,it was about half a year ago.
I believed it was right approach to a problem. But to my amazement I
found that IANA's 10.133.01 through 87.207.233.0 broadcasts from my
comp . Could you explain what is going on?

That is what we pay for open source?

sincerely yours

Richard
============================================================================
>From <email address hidden> Sat Apr 7 18:12:40 2007
 Return-Path: <email address hidden>
Received: from rs.icann.org ([192.0.34.50]) by viefep14-int.chello.at
 (InterMail vM.6.01.05.04 201-2131-123-105-20051025) with ESMTP id
 <email address hidden> for
 <email address hidden>; Sat, 7 Apr 2007 18:12:40 +0200
Received: by rs.icann.org (Postfix, from userid 80) id 6E0813F428; Sat,
7
 Apr 2007 09:13:14 -0700 (PDT)
Subject: [IANA #72812] IANA#36086
From: "Rosemary Bottino via RT" <email address hidden>
Reply-To: <email address hidden>
In-Reply-To:
References: <email address hidden>
Message-ID: <email address hidden>
Precedence: bulk
X-RT-Loop-Prevention: IANA
RT-Ticket: IANA #72812
Managed-by: RT 3.5.HEAD (http://www.bestpractical.com/rt/)
RT-Originator:
To: <email address hidden>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
X-RT-Original-Encoding: utf-8
Date: Sat, 07 Apr 2007 09:13:14 -0700
X-Evolution-Source: pop://r.kurowski5%<email address hidden>/
Content-Transfer-Encoding: 8bit

Thank you for your abuse enquiry. Please read the following carefully,
it is important you understand it because you likely have contacted us
about special "IANA Reserved" IP addresses.

We are the Internet Assigned Numbers Authority (IANA), the global
authority that assigns IP addresses, including those allocated to all
users of the Internet via their Internet providers.

There are special sets of numbers that are designed not to be assigned
to any particular person. Instead, they are general allocations that are
either used in special ways, or designed for use in internal (home or
office) networks.

These numbers are primarily in the following ranges:

    * Begins with 10. (i.e. 10.0.0.0 through to 10.255.255.255)
    * Begins with 127.
    * Begins with 169.254.
    * Begins with 172.16. through 172.31.
    * Begins with 192.168.
    * Advertised with AS numbers 48128 through 65535.

If you are seeing abusive traffic (such as network attacks, or spam)
from these numbers, it is important to remember the following things:

1. The traffic D...

Read more...

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.