Full Disclosure mailing list archives

Re: IE

From: nicolas vigier <boklm () mars-attacks org>
Date: Mon, 19 Jul 2004 13:46:59 +0200

On Sun, 18 Jul 2004, Ill will wrote:

"user-agent contains very little _sensitive_ info"

user agents could be used for exploits.. like redirecting the browser
to whatever exploit page  by the definition of what browser is
connecting to it etc.. so it would be a  good idea for some people to
conseal what type of browser is defined in the headers


And you can feel safe with that ? Someone can put an exploit on a page
without checking your browser before.
The real solution is to use a browser with no known vulnerability (and
that's better if it didn't have a lot in the past), not to try to hide
what you are using.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

IE Gabriel Alexadros (Jul 17)
- Re: IE morning_wood (Jul 17)
- RE: IE {tonyFelice} (Jul 17)
  - RE: IE Eric Paynter (Jul 18)
    - Re: IE Ill will (Jul 18)
    - Re: IE nicolas vigier (Jul 19)
    - Re: IE Eric Paynter (Jul 19)
    - Re: IE tshilson (Jul 19)
    - Re: IE J.A. Terranson (Jul 19)
    - Re: IE Rodrigo Barbosa (Jul 19)
    - Re: IE tshilson (Jul 19)
    - Re: IE lonely wolf (Jul 20)
    - Re: IE Lupe Christoph (Jul 20)
    - Re: IE lonely wolf (Jul 20)
    - Re: IE tshilson (Jul 20)
    - Re: IE Rodrigo Barbosa (Jul 20)

(Thread continues...)