Browser Security News

The security hole that was closed this week in Firefox, with versions 1.5.0.11 and 2.0.0.3, now also affects the Opera and Konqueror Web browsers. Attackers may be able to exploit the vulnerability to spy on network topology by means of manipulated FTP servers. The FTP command PASV not only allows an alternative port to be sent to the FTP client in the browser for a connection, but also the respective IP address.

heise Security - News - FTP rerouting also possible in Opera and Konqueror