Full Disclosure mailing list archives
Re: IE
From: nicolas vigier <boklm () mars-attacks org>
Date: Mon, 19 Jul 2004 13:46:59 +0200
On Sun, 18 Jul 2004, Ill will wrote:
"user-agent contains very little _sensitive_ info" user agents could be used for exploits.. like redirecting the browser to whatever exploit page by the definition of what browser is connecting to it etc.. so it would be a good idea for some people to conseal what type of browser is defined in the headers
And you can feel safe with that ? Someone can put an exploit on a page without checking your browser before. The real solution is to use a browser with no known vulnerability (and that's better if it didn't have a lot in the past), not to try to hide what you are using. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html