Bugtraq mailing list archives
Re: Form insecurity in Netscape
From: avery () AURAGEN COM (Andy Avery)
Date: Wed, 4 Nov 1998 15:54:02 -0500
On Tue, 3 Nov 1998, kelani wrote:
> Date: Tue, 3 Nov 1998 22:25:35 -0500
> From: kelani <kelani () KELANI COM>
> To: BUGTRAQ () netspace org
> Subject: Form insecurity in Netscape
>
> *resubmitted with the offending paragraph removed, thanks for your patience, O phearable one.*
>
> Greetings all,
>
> Apologies if it has already been known or was discussed earlier. I see no mention in the archive, and it's such an obvious thing...
>
> In the Netscape Navigator 3.x and Communicator 4.x installations at my school, where all users share a common login, Navigator seems to write a 'nsformXX.tmp' file when a user fills out a form on a webpage. This file contains the fields the user filled in as plaintext, and looks like this:

Just poking around and checking things here, I found that there are two conditions that *must* be met for this to happen:

#1) The form that is submitted must be a MIME-Encoded form (enctype="multipart/form-data" in the <form> tag) as opposed to the default of a URL-Encoded form. (if there's no "enctype" element in a <form> tag, it defaults to URL-Encoded)

#2) the environmental variable TEMP *must* be set. This was not the case for my setup until I added it in my autoexec.bat and rebooted.

I tested this using Communicator v4.04 on Win95. When I attempted this with a URL-Encoded form, it didn't work. I tested it using a MIME-Encoded form and it still didn't work. So I set TEMP in autoexec and rebooted. Tried it on a URL-Encoded form, and it didn't work. Tried it on the MIME-Encoded form, and a file called nstempCG.tmp showed up in the path that I set TEMP to.

Both forms were of my creation on my server here, and I just wrote dummy perl scripts to receive the call from the web server.

Hope this helps anyone......

_____________________________________________________________
Andy Avery                      Systems/Network Administrator
Auragen Communications, Inc.
620 Park Ave, Ste. 177          v: 716.242.8759
Rochester, NY 14607             f: 716.242.0417
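
An audit for the leftover files described in this thread, as an added example that is not part of the original posts: it looks in a temp directory for `.tmp` files whose names start with the two prefixes reported above and lists the form field names they expose. The function names are hypothetical, and the file layout (a raw multipart/form-data body) is an assumption, since the messages do not show the file contents.

```python
import os
import re
import tempfile
from pathlib import Path

# Name prefixes from the thread: nsformXX.tmp and nstempCG.tmp.
PREFIXES = ("nsform", "nstemp")
# Assumption: the file holds the raw multipart/form-data body, so field names
# sit in Content-Disposition headers. Field values are never extracted.
FIELD_RE = re.compile(rb'content-disposition:\s*form-data;\s*name="([^"]*)"', re.I)

def find_leftover_form_files(temp_dir):
    """Return [(path, [field names])] for matching .tmp files in temp_dir."""
    hits = []
    for entry in sorted(Path(temp_dir).iterdir()):
        name = entry.name.lower()
        if entry.is_file() and name.endswith(".tmp") and name.startswith(PREFIXES):
            fields = [m.decode("latin-1") for m in FIELD_RE.findall(entry.read_bytes())]
            hits.append((entry, fields))
    return hits

def remove_files(paths):
    """Delete the given files and return how many were removed."""
    count = 0
    for path in paths:
        path.unlink()
        count += 1
    return count

def demo():
    """Audit a constructed directory holding one constructed leftover file."""
    with tempfile.TemporaryDirectory() as d:
        body = (b"--boundary\r\n"
                b'Content-Disposition: form-data; name="username"\r\n\r\nalice\r\n'
                b"--boundary\r\n"
                b'Content-Disposition: form-data; name="password"\r\n\r\nexample\r\n'
                b"--boundary--\r\n")
        Path(d, "nstempCG.tmp").write_bytes(body)
        Path(d, "notes.tmp").write_bytes(b"unrelated")  # must be left alone
        hits = find_leftover_form_files(d)
        report = [(p.name, fields) for p, fields in hits]
        removed = remove_files(p for p, _ in hits)
        return report, removed, sorted(x.name for x in Path(d).iterdir())

if __name__ == "__main__":
    temp = os.environ.get("TEMP")  # condition #2 in the reply: TEMP must be set
    if temp and Path(temp).is_dir():
        for path, fields in find_leftover_form_files(temp):
            print(path, "fields:", fields)
    else:
        print(demo())
```

Run as a script it only reports what it finds under TEMP; deletion happens only when `remove_files` is called explicitly.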