Off-Topic :
K-Meleon Web Browser Forum
This FireFox Chatzilla exploit is talked about in MozillaZine
http://www.theregister.co.uk/2010/01/30/firefox_interprotocol_attack/
N
NO problem for K-Meleon, we aren't used the Chatzilla IRC module.
K-Meleon in Spanish
Edited 1 time(s). Last edit at 02/07/2010 11:26AM by desga2.
desga2,
Alain earlier on and Disrupted now have put up Chatzilla for use with KM.
http://kmext.sourceforge.net/ext2.htm
I'm using it as we speak! <wry grin>
N
but i need this one: bugmenot-auto registeration( super thanks to matt, now i can spam and post obscenities in the honDUH-acura forums)
ok,seriously..that chatzilla bug has no affect on kmeleon because it will only activate when clicking on explioted irc hyper addresses and when the irc protocol is registered to chatzilla inside the browser
e.g like this address:
irc://freenodes.net/blahblah#freebsd
the above address on firefox with chatzilla will trigger chatzilla window to connect to that channel and enter the room.. but this will not happen in kmeleon with chatzilla
when chatzilla is installed in firefox, the protocol is registered at once to chatzilla and that's where the exploit lies so a site can be coded to include a bogus irc protocol that opens chatzilla to do nasty stuff
when chatzilla was ported to kmeleon the protocol registration was eliminated... to be honest, it wasn't removed because of a foresight of such a vulnerability but because it was too hard to register in kmeleon due to lack of certain services and not really useful so chatzilla can only be opened manually in kmeleon from its menu command and therefore that vulnerability does not exist at all on km+chatzilla
instant relaxation:
http://home.htp-tel.de/sterntaler/index1.html
fireworks @ ikenhatu pond +cours des choses
thank you gunter
desga2,
Funny Guy!!!
I guess you're moving to Chrome next, no???
<g,d&r>
N
disrupted,
Very good... accidental security provided by KM once again! <VBG>
N
All which isn't K-Meleon related.
Chatzilla module Vulnerable?
Posted by:
ndebord
Date: February 07, 2010 03:40AM
This FireFox Chatzilla exploit is talked about in MozillaZine
http://www.theregister.co.uk/2010/01/30/firefox_interprotocol_attack/
N
Re: Chatzilla module Vulnerable?
Posted by:
desga2
Date: February 07, 2010 11:26AM
NO problem for K-Meleon, we aren't used the Chatzilla IRC module.
K-Meleon in SpanishEdited 1 time(s). Last edit at 02/07/2010 11:26AM by desga2.
Re: Chatzilla module Vulnerable?
Posted by:
ndebord
Date: February 07, 2010 04:39PM
Quote
desga2
NO problem for K-Meleon, we aren't used the Chatzilla IRC module.
desga2,
Alain earlier on and Disrupted now have put up Chatzilla for use with KM.
http://kmext.sourceforge.net/ext2.htm
I'm using it as we speak! <wry grin>
N
Re: Chatzilla module Vulnerable?
Posted by:
disrupted
Date: February 07, 2010 06:54PM
Quote
desga2
mmmmm... extensions, Who need it?
but i need this one: bugmenot-auto registeration( super thanks to matt, now i can spam and post obscenities in the honDUH-acura forums
)
ok,seriously..that chatzilla bug has no affect on kmeleon because it will only activate when clicking on explioted irc hyper addresses and when the irc protocol is registered to chatzilla inside the browser
e.g like this address:
irc://freenodes.net/blahblah#freebsd
the above address on firefox with chatzilla will trigger chatzilla window to connect to that channel and enter the room.. but this will not happen in kmeleon with chatzilla
when chatzilla is installed in firefox, the protocol is registered at once to chatzilla and that's where the exploit lies so a site can be coded to include a bogus irc protocol that opens chatzilla to do nasty stuff
when chatzilla was ported to kmeleon the protocol registration was eliminated... to be honest, it wasn't removed because of a foresight of such a vulnerability but because it was too hard to register in kmeleon due to lack of certain services and not really useful so chatzilla can only be opened manually in kmeleon from its menu command and therefore that vulnerability does not exist at all on km+chatzilla
instant relaxation:
http://home.htp-tel.de/sterntaler/index1.html
fireworks @ ikenhatu pond +cours des choses
thank you gunter
Re: Chatzilla module Vulnerable?
Posted by:
ndebord
Date: February 07, 2010 08:53PM
Quote
desga2
mmmmm... extensions, Who need it?
desga2,
Funny Guy!!!
I guess you're moving to Chrome next, no???
<g,d&r>
N
Re: Chatzilla module Vulnerable?
Posted by:
ndebord
Date: February 07, 2010 08:54PM
Quote
disrupted
Quote
desga2
mmmmm... extensions, Who need it?
but i need this one: bugmenot-auto registeration( super thanks to matt, now i can spam and post obscenities in the honDUH-acura forums
ok,seriously..that chatzilla bug has no affect on kmeleon because it will only activate when clicking on explioted irc hyper addresses and when the irc protocol is registered to chatzilla inside the browser
e.g like this address:
irc://freenodes.net/blahblah#freebsd
the above address on firefox with chatzilla will trigger chatzilla window to connect to that channel and enter the room.. but this will not happen in kmeleon with chatzilla
when chatzilla is installed in firefox, the protocol is registered at once to chatzilla and that's where the exploit lies so a site can be coded to include a bogus irc protocol that opens chatzilla to do nasty stuff
when chatzilla was ported to kmeleon the protocol registration was eliminated... to be honest, it wasn't removed because of a foresight of such a vulnerability but because it was too hard to register in kmeleon due to lack of certain services and not really useful so chatzilla can only be opened manually in kmeleon from its menu command and therefore that vulnerability does not exist at all on km+chatzilla
instant relaxation:
http://home.htp-tel.de/sterntaler/index1.html
fireworks @ ikenhatu pond +cours des choses
thank you gunter
disrupted,
Very good... accidental security provided by KM once again! <VBG>
N
English