[ISN] Another Bug Found in Navigator

From: mea culpa (jerichot_private)
Date: Fri Oct 30 1998 - 14:50:37 PST

  • Next message: mea culpa: "[ISN] Cracking cybercrime"

    Forwarded From: phreak moi <hackerelitet_private>
    Another bug found in Navigator
    By Paul Festa
    Staff Writer, CNET News.com
    October 29, 1998, 4:20 p.m. PT
    The bug-battling efforts of Netscape Communications seem to be a case of
    The company today confirmed another caching bug in its Web browser, the
    fourth in recent weeks. 
    The latest problem would allow a malicious Web site operator or email
    sender swipe the contents of a user's browser cache and directory files.
    Two demonstrations that do just that are posted to the Web; one will read
    your cache, and the other will read your directory. 
    The bug is exploited using JavaScript, a scripting language developed by
    Netscape for interactive Web documents such as pop-up windows and forms.
    JavaScript is unrelated to the Java programming language, which was
    developed by Sun Microsystems. 
    The person who found the bug, Georgi Guninski, notified Netscape of the
    problem and will reap a $1,000 finder's fee for the discovery, Netscape
    said today in confirming the security hole. 
    The bug bears a striking resemblance to two others discovered by bug
    hunter Dan Brumleve. The first of those, dubbed Cache Cow, reveals cache
    contents and browsing history. Netscape patched that hole with version
    4.07 of the Navigator browser. 
    The second Brumleve discovery, Son of Cache Cow, affected version 4.07.
    Netscape fixed that in version 4.5, released last week; but Guninski's bug
    thwarts the patched upgrade. 
    Another recently discovered bug prevents Navigator from properly following
    Web sites' requests that the browser not cache certain pages.  In some
    scenarios involving shared computers, that could lead to breaches of
    security with user names, passwords, credit card numbers, and other
    private information. 
    Netscape and Guninski recommended disabling JavaScript as a workaround for
    the latest bug.  Netscape expects to release a patch or a patched upgrade
    of Navigator in the next two weeks. 
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:09:33 PDT