Bugtraq mailing list archives

Re: Netscape exploit solved

From: kooros () TITAN SRRB NOAA GOV (Paul T. Kooros)
Date: Mon, 23 Jun 1997 19:20:50 -0600


    Hi,
        Since apparently others have posted solutions, here is mine.
As I have mentioned to certain individuals previously, where I previously
thought other methods of triggering the form-order reload bug were
implicated (<META TYPE="refresh" CONTENT="1"> or Java JSObject called
form reload) they seem not to trigger the bug.  Perhaps it is a "dirty"
flag on cache objects that was not set in one case.

        Please, again, do not allow this information to fall into evil hands,
or use it for evil yourself.

               http://www.kooros.com/fupldtest/nsbug.html

Thanks.
                -Paul.

P.S.  The web site is at the end of a slow line, and serves only this purpose.

Current thread:

Re: Netscape Exploit SOLVED Paul T. Kooros (Jun 16)
- Re: Netscape Exploit SOLVED Yusuf Motiwala (Jun 18)
- Netscape Communicator 4.01 Aleph One (Jun 18)
- [Fwd: DESCHALL Press Release] Brian Young (Jun 18)
- <Possible follow-ups>
- Re: Netscape Exploit SOLVED Edwin Li-Kai Liu (Jun 19)
  - Re: Netscape Exploit SOLVED John Robert LoVerso (Jun 20)
- Re: Netscape Exploit SOLVED Aymeric Grassart (Jun 20)
- Re: Netscape exploit solved Paul T. Kooros (Jun 23)