I have discovered what I beleive to be a flaw in the implementation of cookies, that allows for possible security implications. Products affected appear to include EVERY VERSION of Navigator that support cookies, and EVERY VERSION of Internet Explorer that support cookies. For a detailed explanation and analysis, please visit http://www.paradise.net.nz/~glineham/cookiemonster.html immediately. This site also contains a working demonstration. The problem relates to the restrictions applied to domains outside the united states, and how many dots they must contain. The site contains a full analysis of the problem, and has a working demonstration. Regards, Oliver Lineham --------------------------------------------------- Internet Services / Webdesign / Strategic Planning PO Box 30-481, Lower Hutt, NZ oliverat_private Phone +64 4 566-0627 Facsimile +64 4 570-1900
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:05 PDT