Re: Another Netscape 4.07 cache reading bug

From: Ken Williams (jkwilli2at_private)
Date: Thu Oct 08 1998 - 21:22:12 PDT

Next message: Simple Nomad: "Last (hopefully) update on GroupWise"

Previous message: costello, don: "Re: More Rconsole stuff"
Maybe in reply to: Georgi Guninski: "Another Netscape 4.07 cache reading bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 8 Oct 1998, Georgi Guninski wrote:

>| Date: Thu, 8 Oct 1998 22:20:19 -0400
>| From: Georgi Guninski <guninskiat_private>
>| To: BUGTRAQat_private
>| Subject: Another Netscape 4.07 cache reading bug
>|
>| I have found a new bug in Netscape Communicator 4.07, 4.05 (probably others),
>| which allows reading the user's cache (the URLs the user has visited, including the info in GET forms).
>| The bug uses Javascript - a link to 'about:<SCRIPT>...javascript code...</SCRIPT>' does the work.
>|
>| A demo is available at: http://www.freeyellow.com/members5/guninski/ncache.html
>|
>| Part of the code is borrowed from Dan Brumleve <nothingat_private>, for better goodies see:
>| http://www.shout.net/~nothing/son-of-cache-cow/index.html
>| Workaround: Disable Javascript.
>|
>| Regards,
>| Georgi Guninski
>|
>|
>| ____________________________________________________________________
>| Get free e-mail and a permanent address at http://www.netaddress.com/?N=1
>|

Hello,

Netscape 4.05, 4.07 (and 3.01 and 3.0 Gold) for Solaris 2.51 and for
Linux Red Hat 5.0 and 5.1 are NOT vulnerable to this bug.

- --
Ken Williams

Packet Storm Security http://www.Genocide2600.com/~tattooman/index.shtml
E.H.A.P. Corporation  http://www.ehap.org/  ehapat_private infoat_private
NCSU Comp Sci Dept    http://www.csc.ncsu.edu/ jkwilli2at_private
PGP DSS/DH/RSA Keys   http://www4.ncsu.edu/~jkwilli2/pgpkey/

__________________________________________________
Get Your Private, Free Email at http://www.nsa.gov

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQEVAwUBNh2PZZDw1ZsNz1IXAQFeWAf/XmotliDh4/S6trSfBn7C0EYrDesE2zPB
g83VIWB7ShvMDX5BDXPYwnCeUA23xUpzaKw+b180KKIpwjsvO2umHd1VM59beOSZ
shzfM6UtSrd89IGjN7UyPVAxhPfkY3H8sIY6nm8oAIPT/rAYEbbJdHO/UbCvtNk1
qAq7LVw4m9c4W5mFzqTM1HAzEsyUFWPusD6n1nviBDobY2EYrQi33iPTRpmaPru/
YPi9ppM2QRYiB1OqR7qlrzPX7tOBE2Lq1JO2tmVJ2LfpTs/5BC5dVhvkRE0Uzwhw
NgyKr2F1s4Hvv1imnlrDni9sSfm9hCuqQiwNZ26vHaYlJP2aRAvDtw==
=ZICv
-----END PGP SIGNATURE-----

Next message: Simple Nomad: "Last (hopefully) update on GroupWise"
Previous message: costello, don: "Re: More Rconsole stuff"
Maybe in reply to: Georgi Guninski: "Another Netscape 4.07 cache reading bug"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:19:11 PDT