Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 HTTP:INFO:IDN-HOSTNAME

Severity

 Medium

Recommended

 No

Category

 HTTP

Keywords

 IDN Hostname

Release Date

 2005/04/19

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

HTTP: IDN Hostname


This signature detects foreign characters in a hostname. Attackers can register a domain name that uses non-Latin international characters, then use the hostname to disguise the actual URL of a malicious Web site.

Extended Description

Multiple browsers are reported prone to vulnerabilities that surround the handling of International Domain Names. The vulnerabilities are caused by inconsistencies in how International Domain Names are processed. Reports indicate that attackers can leverage this to spoof address bars, status bars, and SSL certificate values. Remote attackers may exploit these vulnerabilities in phishing-style attacks. Through a false sense of trust, users may voluntarily disclose sensitive information to a malicious website. Although these vulnerabilities are reported to affect browsers, mail clients that depend on the browser to generate HTML code may also be affected.

Affected Products

  • ALT Linux ALT Linux Compact 2.3.0
  • ALT Linux ALT Linux Junior 2.3.0
  • Apple Mac OS X 10.0.0
  • Apple Mac OS X 10.0.0 3
  • Apple Mac OS X 10.0.1
  • Apple Mac OS X 10.0.2
  • Apple Mac OS X 10.0.3
  • Apple Mac OS X 10.0.4
  • Apple Mac OS X 10.1.0
  • Apple Mac OS X 10.1.1
  • Apple Mac OS X 10.1.2
  • Apple Mac OS X 10.1.3
  • Apple Mac OS X 10.1.4
  • Apple Mac OS X 10.1.5
  • Apple Mac OS X 10.2.0
  • Apple Mac OS X 10.2.1
  • Apple Mac OS X 10.2.2
  • Apple Mac OS X 10.2.3
  • Apple Mac OS X 10.2.4
  • Apple Mac OS X 10.2.5
  • Apple Mac OS X 10.2.6
  • Apple Mac OS X 10.2.7
  • Apple Mac OS X 10.2.8
  • Apple Mac OS X 10.3.0
  • Apple Mac OS X 10.3.1
  • Apple Mac OS X 10.3.2
  • Apple Mac OS X 10.3.3
  • Apple Mac OS X 10.3.4
  • Apple Mac OS X 10.3.5
  • Apple Mac OS X 10.3.6
  • Apple Mac OS X 10.3.7
  • Apple Mac OS X 10.3.8
  • Apple Mac OS X Server 10.0.0
  • Apple Mac OS X Server 10.1.0
  • Apple Mac OS X Server 10.1.1
  • Apple Mac OS X Server 10.1.2
  • Apple Mac OS X Server 10.1.3
  • Apple Mac OS X Server 10.1.4
  • Apple Mac OS X Server 10.1.5
  • Apple Mac OS X Server 10.2.0
  • Apple Mac OS X Server 10.2.1
  • Apple Mac OS X Server 10.2.2
  • Apple Mac OS X Server 10.2.3
  • Apple Mac OS X Server 10.2.4
  • Apple Mac OS X Server 10.2.5
  • Apple Mac OS X Server 10.2.6
  • Apple Mac OS X Server 10.2.7
  • Apple Mac OS X Server 10.2.8
  • Apple Mac OS X Server 10.3.0
  • Apple Mac OS X Server 10.3.1
  • Apple Mac OS X Server 10.3.2
  • Apple Mac OS X Server 10.3.3
  • Apple Mac OS X Server 10.3.4
  • Apple Mac OS X Server 10.3.5
  • Apple Mac OS X Server 10.3.6
  • Apple Mac OS X Server 10.3.7
  • Apple Mac OS X Server 10.3.8
  • Apple Safari 1.0.0
  • Apple Safari 1.1.0
  • Apple Safari 1.2.0
  • Apple Safari 1.2.1
  • Apple Safari 1.2.2
  • Apple Safari 1.2.3
  • Apple Safari Beta 2
  • Conectiva Linux 10.0.0
  • Conectiva Linux 9.0.0
  • CoreStreet SpoofStick 1.4.0
  • Gentoo Linux
  • HP HP-UX B.11.00
  • HP HP-UX B.11.11
  • HP HP-UX B.11.22
  • HP HP-UX B.11.23
  • KDE 3.2.0
  • KDE 3.2.1
  • KDE 3.2.2
  • KDE 3.2.3
  • KDE 3.3.0
  • KDE 3.3.1
  • KDE 3.3.2
  • KDE kdelibs 3.3.1
  • KDE Konqueror 2.1.1
  • KDE Konqueror 2.1.2
  • KDE Konqueror 2.2.1
  • KDE Konqueror 2.2.2
  • KDE Konqueror 3.0.0
  • KDE Konqueror 3.0.1
  • KDE Konqueror 3.0.2
  • KDE Konqueror 3.0.3
  • KDE Konqueror 3.0.5
  • KDE Konqueror 3.0.5 b
  • KDE Konqueror 3.1.0
  • KDE Konqueror 3.1.1
  • KDE Konqueror 3.1.2
  • KDE Konqueror 3.1.3
  • KDE Konqueror 3.1.4
  • KDE Konqueror 3.1.5
  • KDE Konqueror 3.2.1
  • KDE Konqueror 3.2.2 -6
  • KDE Konqueror 3.2.3
  • KDE Konqueror 3.3.0
  • KDE Konqueror 3.3.1
  • KDE Konqueror 3.3.2
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Linux Mandrake 10.0.0
  • Mandriva Linux Mandrake 10.0.0 amd64
  • Mandriva Linux Mandrake 10.1.0
  • Mandriva Linux Mandrake 10.1.0 X86 64
  • Mozilla Browser 0.8.0
  • Mozilla Browser 0.9.2
  • Mozilla Browser 0.9.2 .1
  • Mozilla Browser 0.9.3
  • Mozilla Browser 0.9.35
  • Mozilla Browser 0.9.4
  • Mozilla Browser 0.9.4 .1
  • Mozilla Browser 0.9.48
  • Mozilla Browser 0.9.5
  • Mozilla Browser 0.9.6
  • Mozilla Browser 0.9.7
  • Mozilla Browser 0.9.8
  • Mozilla Browser 0.9.9
  • Mozilla Browser 1.0.0
  • Mozilla Browser 1.0.0 RC1
  • Mozilla Browser 1.0.0 RC2
  • Mozilla Browser 1.0.1
  • Mozilla Browser 1.0.2
  • Mozilla Browser 1.1.0
  • Mozilla Browser 1.1.0 Alpha
  • Mozilla Browser 1.1.0 Beta
  • Mozilla Browser 1.2.0
  • Mozilla Browser 1.2.0 Alpha
  • Mozilla Browser 1.2.0 Beta
  • Mozilla Browser 1.2.1
  • Mozilla Browser 1.3.0
  • Mozilla Browser 1.3.1
  • Mozilla Browser 1.4.0
  • Mozilla Browser 1.4.0 A
  • Mozilla Browser 1.4.0 B
  • Mozilla Browser 1.4.1
  • Mozilla Browser 1.4.2
  • Mozilla Browser 1.5.0
  • Mozilla Browser 1.5.1
  • Mozilla Browser 1.6.0
  • Mozilla Browser 1.7.0
  • Mozilla Browser 1.7.0 Alpha
  • Mozilla Browser 1.7.0 Beta
  • Mozilla Browser 1.7.0 Rc1
  • Mozilla Browser 1.7.0 Rc2
  • Mozilla Browser 1.7.0 Rc3
  • Mozilla Browser 1.7.1
  • Mozilla Browser 1.7.2
  • Mozilla Browser 1.7.3
  • Mozilla Browser 1.7.4
  • Mozilla Browser 1.7.5
  • Mozilla Browser 1.8.0 Alpha 1
  • Mozilla Browser 1.8.0 Alpha 2
  • Mozilla Browser 1.8.0 Alpha 3
  • Mozilla Browser 1.8.0 Alpha 4
  • Mozilla Browser M15
  • Mozilla Browser M16
  • Mozilla Camino 0.7.0 .0
  • Mozilla Camino 0.8.0
  • Mozilla Firebird 0.5.0
  • Mozilla Firebird 0.6.1
  • Mozilla Firebird 0.7.0
  • Mozilla Firefox 0.10.0
  • Mozilla Firefox 0.10.1
  • Mozilla Firefox 0.8.0
  • Mozilla Firefox 0.9.0
  • Mozilla Firefox 0.9.0 Rc
  • Mozilla Firefox 0.9.1
  • Mozilla Firefox 0.9.2
  • Mozilla Firefox 0.9.3
  • Mozilla Firefox 1.0.0
  • Mozilla Firefox Preview Release
  • Mozilla Thunderbird 0.6.0
  • Mozilla Thunderbird 0.7.0
  • Mozilla Thunderbird 0.7.1
  • Mozilla Thunderbird 0.7.2
  • Mozilla Thunderbird 0.7.3
  • Mozilla Thunderbird 0.8.0
  • Mozilla Thunderbird 0.9.0
  • Mozilla Thunderbird 1.0.0
  • Netscape 7.0.0
  • Netscape 7.1.0
  • Netscape 7.2.0
  • Novell Linux Desktop 9
  • Omni Group OmniWeb 4.0.6
  • Omni Group OmniWeb 4.1.0 beta11
  • Omni Group OmniWeb 4.5.0
  • Omni Group OmniWeb 5.0.1
  • Opera Software Opera Web Browser 5.0.0 2 Win32
  • Opera Software Opera Web Browser 5.0.0 Linux
  • Opera Software Opera Web Browser 5.0.0 Mac
  • Opera Software Opera Web Browser 5.1.0 0 Win32
  • Opera Software Opera Web Browser 5.1.0 1 Win32
  • Opera Software Opera Web Browser 5.12.0
  • Opera Software Opera Web Browser 5.12.0 Win32
  • Opera Software Opera Web Browser 6.0.0
  • Opera Software Opera Web Browser 6.0.0 6
  • Opera Software Opera Web Browser 6.0.0 .6Win32
  • Opera Software Opera Web Browser 6.0.0 Win32
  • Opera Software Opera Web Browser 6.0.1
  • Opera Software Opera Web Browser 6.0.1 Linux
  • Opera Software Opera Web Browser 6.0.1 Win32
  • Opera Software Opera Web Browser 6.0.2 Linux
  • Opera Software Opera Web Browser 6.0.2 Win32
  • Opera Software Opera Web Browser 6.0.3 Linux
  • Opera Software Opera Web Browser 6.0.3 Win32
  • Opera Software Opera Web Browser 6.0.4 Win32
  • Opera Software Opera Web Browser 6.0.5 Win32
  • Opera Software Opera Web Browser 6.10.0 Linux
  • Opera Software Opera Web Browser 7.0.0 1Win32
  • Opera Software Opera Web Browser 7.0.0 2Win32
  • Opera Software Opera Web Browser 7.0.0 3Win32
  • Opera Software Opera Web Browser 7.0.0 Win32
  • Opera Software Opera Web Browser 7.0.0 Win32 Beta 1
  • Opera Software Opera Web Browser 7.0.0 Win32 Beta 2
  • Opera Software Opera Web Browser 7.10.0
  • Opera Software Opera Web Browser 7.11.0
  • Opera Software Opera Web Browser 7.11.0 B
  • Opera Software Opera Web Browser 7.11.0 J
  • Opera Software Opera Web Browser 7.20.0
  • Opera Software Opera Web Browser 7.20.0 Beta 1 Build 2981
  • Opera Software Opera Web Browser 7.21.0
  • Opera Software Opera Web Browser 7.22.0
  • Opera Software Opera Web Browser 7.23.0
  • Opera Software Opera Web Browser 7.50.0
  • Opera Software Opera Web Browser 7.51.0
  • Opera Software Opera Web Browser 7.52.0
  • Opera Software Opera Web Browser 7.53.0
  • Opera Software Opera Web Browser 7.54.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Fedora Core1
  • Red Hat Fedora Core2
  • Red Hat Fedora Core3
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386
  • SGI ProPack 3.0.0
  • SuSE Linux 8.0.0
  • SuSE Linux 8.0.0 i386
  • SuSE Linux 8.1.0
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Personal 9.3.0 X86 64
  • SuSE SUSE Linux Enterprise Server 9
  • VeriSign i-Nav

References

  • BugTraq: 12461
  • CVE: CVE-2005-0233
  • URL: http://www.mozilla.org/security/announce/mfsa2005-29.html
  • URL: http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html
  • URL: http://www.shmoo.com/idn/homograph.txt

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out