Re: Information Leak Bug in Netscape Mail

From: Scott Dier (diemanat_private)
Date: Fri Nov 23 2001 - 13:07:11 PST

Next message: Ron DuFresne: "Re: [NetGuard Security] NSI Rwhoisd another Remote Format String Vulnerability"

Previous message: § o m e 1: "Fwd: An Important Message From HostRocket"
In reply to: bugtraq: "Information Leak Bug in Netscape Mail"
Next in thread: Stephen Cope: "Re: Information Leak Bug in Netscape Mail"
Reply: Stephen Cope: "Re: Information Leak Bug in Netscape Mail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> All versions of Netscape Mail that the GOBBLES researchers tested seemed
> to be vulnerable to this attack.

I believe this was reported to Mozilla's bugzilla eons ago and Is *not*
leaking information (tested with 0.9.5)

I think it was fixed somewhere back in the milestones.  Thus, the
current release of netscape mail doesn't have this issue, I think.  I'm
guessing you were working with 4.7x? or one of the old 6.x beta/preview
releases?

Thanks

-- 
Scott Dier <diemanat_private> <sdierat_private>
http://www.ringworld.org/  #linuxosat_private

So I ran up to him, and the exchange went something like this:
Me: Oh my god! You're Larry Niven!
Him: Oh my god! You're Wil Wheaton!
	-Wil Wheaton, in a Slashdot interview

Next message: Ron DuFresne: "Re: [NetGuard Security] NSI Rwhoisd another Remote Format String Vulnerability"
Previous message: § o m e 1: "Fwd: An Important Message From HostRocket"
In reply to: bugtraq: "Information Leak Bug in Netscape Mail"
Next in thread: Stephen Cope: "Re: Information Leak Bug in Netscape Mail"
Reply: Stephen Cope: "Re: Information Leak Bug in Netscape Mail"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 23 2001 - 16:08:38 PST