The Channel logo


By | John Leyden 21st September 2005 11:45

Linux users warned over Firefox flaw

Shell shock

Security researchers have discovered a new vulnerability with Firefox that might allow hackers to seize control of Unix or Linux machines running vulnerable versions of the popular alternative browser software. The vulnerability can only be exploited on Unix or Linux based environments. Firefox users at risk are advised to upgrade to version 1.0.7 to guard against attack.

The security bug creates a means for hackers to execute arbitrary shell commands providing they trick users into following a malicious link in an external application which uses Firefox as the default browser, such as the Evolution email client on various versions of Red Hat Linux. The vulnerability has been confirmed in version 1.0.6 of Firefox on Fedora Core 4 and Red Hat Enterprise Linux 4. Other versions and platforms may also be affected, security notification firm Secunia warns, however there's no evidence that the security bug is being actively exploited. The flaw, such as it is, was unearthed by security researcher Peter Zelezny. ®

alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


Suit-and-tie-wearing man tries to meditate, take deep breaths in faux yoga pose. Photo by Shutterstock
Emotional intelligence, not tech skills, is the way to woo suits
League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe