Opera *nixed by security bug
PrintPatch issued, world peace secured
Posted in Enterprise Security, 24th November 2005 16:56 GMT
Free whitepaper – Avoiding 7 common mistakes of IT security compliance
Opera users on *nix platforms are been urged to update their browser software following the discovery of a security flaw that creates a means for hackers to compromise vulnerable systems.
The vulnerability stems from a security flaw in a shell script used by Opera to safely parse shell commands. That means Opera on Unix might execute a command line embedded in a URL. Exploitation would involve tricking users of applications that uses Opera as the default browser (e.g. the mail client Evolution on Red Hat Enterprise Linux 4) into following a malicious link. The vulnerability can only be exploited on Unix / Linux based environments, according to security notification firm Secunia.
The vulnerability has been confirmed in version 8.5 on Red Hat Enterprise Linux 4. Other versions and platforms may also be affected. Users are urged to update to version 8.51 to defend against attack. Opera's advisory can be found here. ®
Free whitepaper – Vulnerability management buyer's checklist
Analyst Keynote: The Register Agile Data Center Summit
What Exchange can't do - and Dell can
Enabling The Agile Data Center
Analyst Keynote: The Register Agile Data Center Summit
Breaching Fort Apache.org - What went wrong?
Snow Leopard security - The good, the bad and the missing
US Dems fill inboxes with 419 scams
BlockMaster SafeStick hardware-encrypted USB drive