Firefox Update To Patch Port-Scanning Flaw

Apparently Mozilla released an update to its Firefox browser late on Tuesday to patch a port scanning vulnerability.

The FTP PASV port-scanning flaw, which is rated a “low” risk, could enable a hacker to take a look around inside a victim’s machine.

An advisory on the Mozilla site warns that a malicious Web page hosted on a specially-coded FTP server could use the scanning feature to perform a rudimentary port-scan of machines inside a user’s firewall.

“By itself, this causes no harm, but information about an internal network may be useful to an attacker should there be other vulnerabilities present on the network,” Mozilla stated in the advisory.

The update – Firefox 2.0.0.3 – also deals with several Web compatibility regressions introduced with Firefox 2.0.0.2.

An update to address the same regressions for the Firefox 1.5 Branch, Firefox 1.5.0.11, also has been released.

2 Comments on “Firefox Update To Patch Port-Scanning Flaw

  1. I’m glad Mozilla are on top of security issues and of course I updated when it prompted me to

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>