Bugtraq mailing list archives
cookies - nothing new
From: schampeo () HESKETH COM (Steven Champeon)
Date: Mon, 7 Feb 2000 19:29:10 -0500
The discussion regarding cookies is old news. <http://help.netscape.com/kb/consumer/19981231-1.html> More info used to be here: <http://www.paradise.net.nz/~glineham/cookiemonster.html> Does anyone know where it went? The URL below gives an email address for Oliver Lineham <oliver () lineham co nz> but I can't seem to pull up a Web site for lineham.co.nz. Oh, wait - here's an article that gives the date when Oliver posted the Cookie Monster bug to BUGTRAQ: <http://webserver.cpg.com/ws/4.2/> OK, here is the original BUGTRAQ post: <3.0.6.32.19981224110919.007c7520 () paradise net nz">http://www.securityfocus.com/templates/archive.pike?list=1&date=1998-12-22&msg=3.0.6.32.19981224110919.007c7520 () paradise net nz</A>> Unfortunately, it doesn't contain much other than "visit the Web site for more details". :( Anyway, IIRC, it's the same problem described in the Netscape advisory at the top of this message. Here's a bit of somewhat belated, but still frenzied, hype as well: <http://www.securiteam.com/exploits/Cookie_Monster_vulnerability.html> Other cookie-related info: <http://www.cookiecentral.com/bug/index.shtml> <http://www.w3.org/Security/Faq/wwwsf7.html#Q66> Steve
Current thread:
- SCO OpenServer SNMPD vulnerability, (continued)
- SCO OpenServer SNMPD vulnerability NAI Labs (Feb 07)
- Re: Tempfile vulnerabilities Werner Koch (Feb 02)
- Re: Tempfile vulnerabilities Chris Cappuccio (Feb 03)
- Cross Site Scripting security issue Robert Zilbauer (Feb 02)
- Re: Tempfile vulnerabilities Len Budney (Feb 03)
- Re: Tempfile vulnerabilities antirez (Feb 05)
- Re: Tempfile vulnerabilities Ian Turner (Feb 07)
- Re: Tempfile vulnerabilities Seth David Schoen (Feb 07)
- Remote access vulnerability in all MySQL server versions Robert van der Meulen (Feb 08)
- don't run random "exploit" code Marc Slemko (Feb 08)
- cookies - nothing new Steven Champeon (Feb 07)
- Re: cookies - nothing new MJE (Feb 08)
- Re: Tempfile vulnerabilities Peter Berendi (Feb 08)
- Re: Tempfile vulnerabilities Marc Lehmann (Feb 08)