Vulnerabilities in Firefox, Thunderbird and SeaMonkey.

My previous post, with regard to a script to protect your hard drives from exploitation of the Microsofts default "administrative" (hidden) shares, was in no way intended to suggest that would completely protect your system, only that it might help close up one specific vulnerability. 

So apparently, some hacker (or hackers) thought they'd teach me a hard lesson in exploits and loose sourch-end routing.  All you need is a computer, nmap, metaspoit, the Internet and a really good vulnerability.  SeaMonkey provided the later.

According to NIST (National Institute of Standards and Technology), National Vulnerability Database:

"Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 4.x through 8.0, Thunderbird 5.0 through 8.0, and SeaMonkey before 2.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors that trigger a compartment mismatch associated with the nsDOMMessageEvent::GetData function, and unknown other vectors."

Impact

CVSS Severity (version 2.0):
CVSS v2 Base Score:10.0 (HIGH) (AV:N/AC:L/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore: 10.0
Exploitability Subscore: 10.0
CVSS Version 2 Metrics:
Access Vector: Network exploitable

Authentication: Not required to exploit
Impact Type:Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

I think I can attest to the validity of this.  I've upgraded to SeaMonkey 2.6 but the hacker is already in my systems, probably, even as I type this post.  It will take me some time to ascertain what damage this hacker or these hackers have done to my systems (once they're in, they have access to ALL systems that are plugged in, turned on and networked).

Here's a partial firewall report, just after I discovered after the intrusion and blocked some of their IP's:

 
7:26:28 AM SYSTEM  OUT UDP 24.143.207.243 137 Blocked by IP Blocklist 0 0
7:23:19 AM SYSTEM  OUT UDP 24.143.207.27 137 Blocked by IP Blocklist 0 0
7:23:10 AM SYSTEM  OUT UDP 24.143.207.26 137 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:19:28 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:19:28 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:19:22 AM SEAMONKEY.EXE OUT TCP 24.143.207.242 80 Blocked by IP Blocklist 0 0
7:19:22 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 80 Blocked by IP Blocklist 0 0
7:19:16 AM SEAMONKEY.EXE OUT TCP 24.143.207.242 80 Blocked by IP Blocklist 0 0
7:19:16 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.224 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.19 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.242 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.242 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.243 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.19 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:35 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:06 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.27 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.26 443 Blocked by IP Blocklist 0 0
7:21:05 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 443 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.224 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:19:10 AM SEAMONKEY.EXE OUT TCP 24.143.207.224 80 Blocked by IP Blocklist 0 0
7:19:04 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:19:04 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:18:58 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:58 AM SEAMONKEY.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.243 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.19 80 Blocked by IP Blocklist 0 0
7:18:52 AM SEAMONKEY.EXE OUT TCP 24.143.207.43 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:06:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:05:30 AM SYSTEM  OUT UDP 24.143.207.241 137 Blocked by IP Blocklist 0 0
7:05:21 AM SYSTEM  OUT UDP 24.143.207.18 137 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:05:30 AM SYSTEM  OUT UDP 24.143.207.241 137 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:09 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:01:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.18 80 Blocked by IP Blocklist 0 0
7:00:08 AM SVCHOST.EXE OUT TCP 24.143.207.241 80 Blocked by IP Blocklist 0 0




Posted by John Dodrill at 12/28/2011 9:22 AM
Categories: uncategorized
Tags: exploit exploits Firefox Thunderbird SeaMonkey vulnerability vulnerabilities 24.143.207.243 137 24.143.207.27 24.143.207.18 24.143.207.241 24.143.207.19 24.143.207.43 24.143.207.243
Previous Post
Next Post

 

What did you think of this article?




Trackbacks
Trackback specific URL for this post
  • No trackbacks exist for this post.
Comments
  • No comments exist for this post.
Leave a comment

Submitted comments are subject to moderation before being displayed.

 Name (required)

 Email (will not be published) (required)

 Website

Your comment is 0 characters limited to 3000 characters.