IE 5.0 - Possible Cache Security Risk

From: Jason Parker (jparker@o-negative.net)
Date: Tue Oct 23 2001 - 22:23:51 PDT

Next message: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"

Previous message: riezel.t.serdanat_private: "Re: Opera Browser goes Crash"
Next in thread: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"
Reply: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Disregard if this has discussed previously or is just a
misconfiguration..

Recently, when setting up an htaccess section on my website I noticed
that there is a caching problem with IE 5.0x.

Problem:
   When previously restricted site are accessed with an authenticated
login, users who open IE 5.0 and access the same sites, can "cancel"
the login prompt and the cached page will open up. Yes, you have to
keep doing this to view all the links, but we can obviously see the
problem.

Possible Fixes:
   I set IE to check for new versions of the page every time, but
that still didn't help.

Versions:
   IE 5.0 (For sure)
   IE 5.5, and 6.0 are not vulnerable.
_________________________________
Jason Parker - http://www.o-negative.net
o-Negative: Information Network

Next message: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"
Previous message: riezel.t.serdanat_private: "Re: Opera Browser goes Crash"
Next in thread: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"
Reply: Oliver Bleutgen: "Re: IE 5.0 - Possible Cache Security Risk"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Oct 23 2001 - 22:47:48 PDT