An 18-year-old vulnerability has been discovered in Chrome, Firefox and Safari browsers – they incorrectly process the address 0.0.0.0

Google Chrome, Apple Safari, and Mozilla Firefox do not correctly handle requests to the IP address 0.0.0.0, routing them to other addresses, including localhost, which is often used during code development. Hackers have already exploited this vulnerability by sending requests to their victim’s 0.0.0.0 address, which gave them access to sensitive information, cybersecurity researchers at the Israeli company Oligo said. They named this attack pattern “0.0.0.0-day.”


In this attack scheme, the attacker tricks the victim into visiting a site that appears harmless but sends a malicious request to access files via the address 0.0.0.0. In the first stage of the intrusion, the hacker can gain access to the developer’s code and internal messages, but the attack also opens access to the victim’s local network. This means the scheme is limited to attacking individuals and companies that host web servers themselves.
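A request a web page fires at 0.0.0.0 arrives at a local service with a `Host` header naming 0.0.0.0 and an `Origin` header naming the attacker's site, so a loopback-only development service can refuse it on its own side, independently of any browser fix. The following check is an added example written for this article, not code from Oligo, Ray or any browser vendor; the header dictionaries and allowed names are constructed assumptions.

```python
"""Request-header check for a loopback-only development service."""
from urllib.parse import urlsplit

# Host values a local service expects to be addressed by. 0.0.0.0 is
# deliberately absent: it is a bind address, not a name a legitimate
# client should reach the service through.
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}
# Origins allowed to send cross-origin requests (brackets already
# stripped, as urlsplit().hostname reports them).
ALLOWED_ORIGIN_HOSTS = {"localhost", "127.0.0.1", "::1"}


def _hostname(value):
    """Strip an optional :port from a Host value, keeping IPv6 brackets."""
    if value.startswith("["):
        return value.split("]")[0] + "]"
    return value.split(":")[0]


def check_local_request(headers):
    """Return (allowed, reason) for one request, given its headers as a dict.

    Two things a page on a remote site cannot avoid sending are checked:
    a Host header naming 0.0.0.0 (or anything else unexpected) and an
    Origin header pointing somewhere other than the service's own local
    origins. Requests without Origin (curl, same-origin navigations) pass
    as long as the Host is one of the expected local names.
    Assumes header names are already normalised to this spelling.
    """
    host = headers.get("Host", "")
    if not host:
        return False, "missing Host header"
    if _hostname(host).lower() not in ALLOWED_HOSTS:
        return False, f"unexpected Host {host!r}"
    origin = headers.get("Origin")
    if origin is not None:
        origin_host = (urlsplit(origin).hostname or "").lower()
        if origin_host not in ALLOWED_ORIGIN_HOSTS:
            return False, f"cross-site Origin {origin!r}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample requests: the 0.0.0.0-day pattern, a cross-site
    # request that guessed the right Host, and two legitimate local ones.
    for hdrs in ({"Host": "0.0.0.0:8000", "Origin": "https://attacker.example"},
                 {"Host": "localhost:8000", "Origin": "https://attacker.example"},
                 {"Host": "127.0.0.1:8000", "Origin": "http://localhost:8000"},
                 {"Host": "[::1]:8000"}):
        print(hdrs, "->", check_local_request(hdrs))
```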

The 0.0.0.0-day mechanism makes it possible, for example, to run malicious code on a server hosting the Ray AI framework, which the largest companies, including Amazon and Intel, use to train artificial intelligence. This is not a theoretical threat—Google security engineer David Adrian has spoken about malware exploiting this vulnerability. This type of attack is possible on computers running macOS and Linux, but not Windows—Microsoft has blocked access to the 0.0.0.0 address across the entire OS. Apple said it intends to block all attempts by sites to access this address in the macOS 15 Sequoia beta, and the Google Chrome and Chromium security teams plan to do the same.

Mozilla, however, is not yet ready to offer the same fix for Firefox: the browser developer said that blocking could cause crashes on servers that use the 0.0.0.0 address as a stand-in for localhost, so a standards-based solution is needed. The Israeli researchers insist the threat is significant: “By allowing 0.0.0.0, you are allowing everything.” They intend to present a detailed report at the DEF CON conference in Las Vegas next weekend.
