Bugtraq mailing list archives

Re: Javascript bug in Netscape Communicator 4.5

From: tarreau () AEMIAIF LIP6 FR (Willy TARREAU)
Date: Thu, 29 Oct 1998 11:59:05 +0100


There is a bug in Netscape Communicator 4.5, 4.07, 3.04 under Windows 95
(probably others) which allows reading user's cache (the urls the user
has
visited, including the info in GET forms). Reading local directories
content
is also allowed. This info may be sent to an arbitrary host.
The bug may be exploited by email.


it also works under Linux, and probably other Unixes as demonstrated by the
slightly modified copy I've made from your page which can be accessed at :

  http://www-miaif.lip6.fr/willy/security/netscape.html

Workaround: Disable Javascript.
Regards,
Georgi Guninski
http://www.geocities.com/ResearchTriangle/1711/

                                        Willy

--
+----------------------------------------------------------------------------+
| Willy Tarreau - tarreau () aemiaif lip6 fr - http://www-miaif.lip6.fr/willy/  |
| System and Network Engineer at NOVECOM ( France ) - http://www.novecom.fr/ |
| Magistere d'Informatique Appliquee de l'Ile de France ( MIAIF ), Year 1997 |
+----------------------------------------------------------------------------+

Current thread:

Printer Sharing and M1CR0S0FT Windows98 enayd () KRYPT COM (Oct 24)
- Re: Printer Sharing and M1CR0S0FT Windows98 Neale Banks (Oct 27)
  - Re: Printer Sharing and M1CR0S0FT Windows98 Caskey L. Dickson (Oct 28)
- More about multi-stack allocator. Serge Orlov (Oct 28)
- FW: Security Bulletins Digest Patrick Oonk (Oct 28)
- Javascript bug in Netscape Communicator 4.5 Georgi Guninski (Oct 28)
  - Re: Javascript bug in Netscape Communicator 4.5 Willy TARREAU (Oct 29)
  - Re: Javascript bug in Netscape Communicator 4.5 Ryan Gray (Oct 29)
- <Possible follow-ups>
- Re: Printer Sharing and M1CR0S0FT Windows98 Paul Leach (Oct 27)