Bugtraq mailing list archives

open socket in java

From: nino () INFORM DK (nino)
Date: Wed, 3 Feb 1999 14:32:20 +0000


Giao Nguyen wrote:


Just for kicks, I wrote a sample applet that listened on a socket. I
discovered that when the applet was loaded under Netscape (as tested
with version 4.5), any hosts could then connect to the machine running


snip...snip

I tried but couldnt arrive at those consequences. It doesnt go that way
under linux.

The implications are obvious. If any host can connect to the machine
running the aplet, you could tell java to do things like the boserver.
If
you have a completely open socket, its rock n' roll !

BTW - dont be afraid to release the code. It makes it more easy to the
rest of us, to see what happened. And the script kids got lots of evil
tools out there, so I think they wouldnt be too interested in code they
have to alter before its useful.

Best Regards

Nino

Current thread:

open socket in java nino (Feb 03)
- <Possible follow-ups>
- Re: open socket in java Aviram Jenik (Feb 04)
  - Re: open socket in java Hale (Feb 05)
  - Re: open socket in java Lincoln Stein (Feb 05)
    - Re: open socket in java Tim Wright (Feb 09)
- Re: open socket in java Toby Chamberlain (Feb 04)
- Re: open socket in java Simon Kilvington (Feb 05)
- Re: open socket in java Posick, Steve (Feb 09)
- FW: open socket in java Nin|a405 (Feb 11)
- Re: open socket in java Simon Kilvington (Feb 12)