HTTP: IDN Hostname
This signature detects foreign characters in a hostname. Attackers can register a domain name that uses non-Latin international characters, then use the hostname to disguise the actual URL of a malicious Web site.
Extended Description
Multiple browsers are reported prone to vulnerabilities that surround the handling of International Domain Names. The vulnerabilities are caused by inconsistencies in how International Domain Names are processed. Reports indicate that attackers can leverage this to spoof address bars, status bars, and SSL certificate values. Remote attackers may exploit these vulnerabilities in phishing-style attacks. Through a false sense of trust, users may voluntarily disclose sensitive information to a malicious website. Although these vulnerabilities are reported to affect browsers, mail clients that depend on the browser to generate HTML code may also be affected.
Affected Products
Mozilla browser
Short Name
HTTP:INFO:IDN-HOSTNAME
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
CVE-2005-0233 Hostname IDN bid:12461
Release Date
04/19/2005
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Frequently
Vendors
Red_hat
Conectiva
Suse
Apple
Gentoo
Hp
Kde
Corestreet
Mozilla
Omni_group
Novell
Sgi
Opera_software
Mandriva
Verisign
Netscape
Alt_linux
CVSS Score
7.5