On Thu, 8 Oct 1998, Georgi Guninski wrote:

>| Date: Thu, 8 Oct 1998 22:20:19 -0400
>| From: Georgi Guninski <guninskiat_private>
>| To: BUGTRAQat_private
>| Subject: Another Netscape 4.07 cache reading bug
>|
>| I have found a new bug in Netscape Communicator 4.07, 4.05 (probably others),
>| which allows reading the user's cache (the URLs the user has visited, including the info in GET forms).
>| The bug uses Javascript - a link to 'about:<SCRIPT>...javascript code...</SCRIPT>' does the work.
>|
>| A demo is available at: http://www.freeyellow.com/members5/guninski/ncache.html
>|
>| Part of the code is borrowed from Dan Brumleve <nothingat_private>, for better goodies see:
>| http://www.shout.net/~nothing/son-of-cache-cow/index.html
>| Workaround: Disable Javascript.
>|
>| Regards,
>| Georgi Guninski

Hello,

Netscape 4.05, 4.07 (and 3.01 and 3.0 Gold) for Solaris 2.51 and for Linux Red Hat 5.0 and 5.1 are NOT vulnerable to this bug.

--
Ken Williams

Packet Storm Security http://www.Genocide2600.com/~tattooman/index.shtml
E.H.A.P. Corporation http://www.ehap.org/ ehapat_private infoat_private
NCSU Comp Sci Dept http://www.csc.ncsu.edu/ jkwilli2at_private
PGP DSS/DH/RSA Keys http://www4.ncsu.edu/~jkwilli2/pgpkey/

Get Your Private, Free Email at http://www.nsa.gov
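
A defender's check for the vector named in the advisory above, as an added example that is not part of the original messages: it scans HTML for link targets that are `about:` URLs carrying markup. The function names, the attribute list and the sample markup are assumptions constructed for illustration.

```javascript
// Added example, not from the original messages. Flags link targets that are
// about: URLs carrying markup, the vector named in the advisory.
const NAMED = new Map([["lt", "<"], ["gt", ">"], ["amp", "&"], ["quot", '"'], ["colon", ":"]]);
const unescapePercent = (s) =>
  s.replace(/%([0-9a-f]{2})/gi, (_, h) => String.fromCharCode(parseInt(h, 16)));

// Resolve HTML character references, as the HTML parser does before the URL is used.
function decodeEntities(s) {
  return s.replace(/&(#x[0-9a-f]+|#\d+|[a-z]+);?/gi, (whole, ref) => {
    const r = ref.toLowerCase();
    if (r[0] !== "#") return NAMED.has(r) ? NAMED.get(r) : whole;
    const cp = r[1] === "x" ? parseInt(r.slice(2), 16) : parseInt(r.slice(1), 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : whole;
  });
}

// Canonicalise like a lenient URL parser: drop tab/CR/LF anywhere, then trim
// leading control characters and spaces. The scheme is never percent-decoded.
function normalizeTarget(raw) {
  return decodeEntities(raw).replace(/[\t\r\n]/g, "").replace(/^[\x00-\x20]+/, "");
}

// Return one finding per href/src/action value that is an about: URL with markup.
function findAboutMarkupLinks(html) {
  const findings = [];
  const attr = /\b(href|src|action)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/gi;
  for (const m of html.matchAll(attr)) {
    const raw = m[2] ?? m[3] ?? m[4];
    const url = normalizeTarget(raw);
    if (!/^about:/i.test(url)) continue;
    // Assumption: percent-decode the payload so encoded markup is flagged too.
    const body = unescapePercent(url.slice("about:".length));
    let reason = null;
    if (/<\s*script\b/i.test(body)) reason = "script element in about: URL";
    else if (/<[a-z!\/]/i.test(body)) reason = "markup in about: URL";
    if (reason) findings.push({ attribute: m[1].toLowerCase(), raw, reason });
  }
  return findings;
}

// Constructed sample page: four suspicious targets, two benign ones.
const SAMPLE = [
  '<a href="about:<SCRIPT>/* constructed placeholder */</SCRIPT>">1</a>',
  "<a href='ab&#111;ut:&lt;script&gt;&lt;/script&gt;'>2</a>",
  '<a href="ab\tout:%3Cscript%3E%3C/script%3E">3</a>',
  '<a href="about:<b>hi</b>">4</a>',
  '<a href="about:blank">5</a>',
  '<a href="http://example.com/?q=about:<script>">6</a>',
].join("\n");
```

The scheme test runs before percent-decoding, so a target such as `%61bout:` is not treated as an `about:` URL.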