Bug 913066 - (CVE-2014-8639) VUL-0: CVE-2014-8639: MozillaFirefox: Cookie injection through Proxy Authenticate responses (MFSA 2015-04)
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Version: unspecified
Hardware: Other
OS: Other
Priority: P3 - Medium
Severity: Normal
Target Milestone: ---
Assigned To: Petr Cerny
Security Team bot
https://smash.suse.de/issue/112327/
maint:released:sle10-sp3:60233 maint:...
Depends on: 910669
Blocks:
Reported: 2015-01-14 10:32 UTC by Victor Pereira
Modified: 2015-02-02 14:18 UTC (History)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Description Victor Pereira 2015-01-14 10:32:07 UTC
CVE-2014-8639

Security researcher Xiaofeng Zheng of the Blue Lotus Team at Tsinghua University reported that a Web Proxy returning a 407 Proxy Authentication response with a Set-Cookie header could inject cookies into the originally requested domain. This could be used for session-fixation attacks. This attack only allows cookies to be written but does not allow them to be read.

In general this flaw cannot be exploited through email in the Thunderbird product, but is potentially a risk in browser or browser-like contexts.


References:
http://www.mozilla.org/security/announce/2015/mfsa2015-04.html
https://bugzilla.redhat.com/show_bug.cgi?id=1180967
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8639
https://rhn.redhat.com/errata/RHSA-2015-0047.html
https://rhn.redhat.com/errata/RHSA-2015-0046.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8639
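The following is an added example, not code from this bug report, from Mozilla or from SUSE. It models a minimal cookie store so the flaw described above can be seen side by side with a hardened client: the naive path applies every Set-Cookie to the host the browser originally asked for, even when the response is a 407 written by the proxy rather than the origin server; the strict path discards Set-Cookie on 407 responses. That the strict path matches Mozilla's actual patch is an assumption; the sample responses, the host name `bank.example` and the cookie values are constructed for the demonstration.

```python
# Added example (not from the bug report, Mozilla or SUSE): naive vs hardened
# handling of Set-Cookie on a proxy-authored 407 response. Sample data is
# constructed; the "strict" rule is an assumed mitigation, not Mozilla's patch.
from http.cookies import SimpleCookie
from typing import Dict, List, Tuple

Headers = List[Tuple[str, str]]
CookieJar = Dict[str, Dict[str, str]]  # host -> {cookie name: value}

# Constructed sample: what a hostile proxy could return when the browser asks
# for https://bank.example/ through it. The 407 is authored by the proxy; the
# Set-Cookie is what the report says was applied to bank.example anyway.
PROXY_407 = (
    "HTTP/1.1 407 Proxy Authentication Required\r\n"
    'Proxy-Authenticate: Basic realm="corp-proxy"\r\n'
    "Set-Cookie: SESSIONID=attacker-chosen-value; Path=/\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

# Constructed sample: a normal origin response, which must keep working
# under the hardened rule.
ORIGIN_200 = (
    "HTTP/1.1 200 OK\r\n"
    "Set-Cookie: SESSIONID=issued-by-origin; Path=/; Secure; HttpOnly\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)


def parse_response(raw: str) -> Tuple[int, Headers]:
    """Split a raw HTTP/1.1 response into (status code, [(name, value)])."""
    head, _sep, _body = raw.partition("\r\n\r\n")
    status_line, *header_lines = head.split("\r\n")
    status = int(status_line.split(" ", 2)[1])
    headers: Headers = []
    for line in header_lines:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers


def apply_set_cookie(jar: CookieJar, host: str, raw: str, *, strict: bool) -> List[str]:
    """Store cookies carried by `raw` against `host`; return the names stored.

    strict=False reproduces the reported behaviour: every Set-Cookie is
    honoured for the requested host, whoever authored the response.
    strict=True treats a 407 as the proxy's message, not the origin's, and
    ignores its Set-Cookie headers entirely (assumed mitigation).
    """
    status, headers = parse_response(raw)
    if strict and status == 407:
        return []
    stored: List[str] = []
    for name, value in headers:
        if name != "set-cookie":
            continue
        parsed = SimpleCookie()
        parsed.load(value)  # parses "NAME=value; Path=/; Secure; HttpOnly"
        for key, morsel in parsed.items():
            jar.setdefault(host, {})[key] = morsel.value
            stored.append(key)
    return stored


def session_after_proxy_407(strict: bool) -> Dict[str, str]:
    """Cookies bank.example ends up with after only the proxy's 407 was seen."""
    jar: CookieJar = {}
    apply_set_cookie(jar, "bank.example", PROXY_407, strict=strict)
    return dict(jar.get("bank.example", {}))


if __name__ == "__main__":
    print("naive    :", session_after_proxy_407(strict=False))
    print("hardened :", session_after_proxy_407(strict=True))
```

With `strict=False` the jar for bank.example holds the proxy-chosen SESSIONID before the user has ever reached the origin, which is the session-fixation setup the report describes; with `strict=True` the jar stays empty after the 407, while the origin's own 200 response still stores its cookie normally. A client-side fix of this shape is what a defender should expect from a patched browser; on the network side, the detection angle is simply a proxy emitting Set-Cookie in 407 responses, which a legitimate proxy has no reason to do.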
Comment 1 Swamp Workflow Management 2015-01-14 23:01:53 UTC
bugbot adjusting priority
Comment 2 Swamp Workflow Management 2015-01-15 10:15:38 UTC
An update workflow for this issue was started.
This issue was rated as important.
Please submit fixed packages until 2015-01-22.
When done, reassign the bug to security-team@suse.de.
https://swamp.suse.de/webswamp/wf/60231
Comment 3 Swamp Workflow Management 2015-01-31 00:10:00 UTC
SUSE-SU-2015:0180-1: An update that solves 8 vulnerabilities and has one errata is now available.

Category: security (important)
Bug References: 910647,910669,913064,913066,913067,913068,913102,913103,913104
CVE References: CVE-2014-1569,CVE-2014-8634,CVE-2014-8636,CVE-2014-8637,CVE-2014-8638,CVE-2014-8639,CVE-2014-8640,CVE-2014-8641
Sources used:
SUSE Linux Enterprise Software Development Kit 11 SP3 (src):    MozillaFirefox-31.4.0esr-0.8.7, mozilla-nss-3.17.3-0.8.11
SUSE Linux Enterprise Server 11 SP3 for VMware (src):    MozillaFirefox-31.4.0esr-0.8.7, mozilla-nss-3.17.3-0.8.11
SUSE Linux Enterprise Server 11 SP3 (src):    MozillaFirefox-31.4.0esr-0.8.7, mozilla-nss-3.17.3-0.8.11
SUSE Linux Enterprise Desktop 11 SP3 (src):    MozillaFirefox-31.4.0esr-0.8.7, mozilla-nss-3.17.3-0.8.11
Comment 4 Marcus Meissner 2015-02-02 14:18:55 UTC
released